# public-desktop.pages.dev — SUSPICIOUS > PhishDestroy flags public-desktop.pages.dev as a crypto drainer posing as a desktop app. VirusTotal shows 0/95 detections. Verify any links before clicking. ## Summary PhishDestroy has identified public-desktop.pages.dev as a suspected crypto drainer domain, designed to trick users into connecting cryptocurrency wallets under the guise of a desktop application interface. This domain is currently hosted on Cloudflare Pages, leveraging the platform’s infrastructure to evade traditional detection mechanisms. The domain resolves to IP address 172.66.47.132 and is secured with a Google Trust Services SSL certificate, which may enhance its appearance of legitimacy to unsuspecting visitors. At present, VirusTotal reports 0 detections out of 95 scanning engines, indicating that this threat has not yet been widely recognized by automated security tools. Users should exercise extreme caution when encountering this domain, as it may be used to deceive individuals into authorizing malicious wallet transactions. This domain was registered through Cloudflare, Inc., a common choice for threat actors seeking to obscure their hosting origins. The technical configuration, including the use of a legitimate SSL certificate, suggests an attempt to blend in with benign web services. As of the latest analysis, the domain remains active and under investigation, with no confirmed blocklist entries at this time. The combination of low detection rates, secure hosting, and deceptive naming conventions creates a high-risk profile for potential victims. PhishDestroy continues to monitor this domain for changes in behavior or infrastructure that may indicate an escalation in threat activity. If you have visited public-desktop.pages.dev, disconnect any cryptocurrency wallets immediately and revoke any unauthorized permissions granted to the domain. Review transaction histories for suspicious activity and consider transferring funds to a secure wallet if unauthorized transfers are detected. Avoid interacting with this domain further, and report any suspicious encounters to PhishDestroy for further analysis. Exercise heightened scrutiny when prompted to connect wallets to unfamiliar websites, as crypto drainers often rely on social engineering and impersonation to succeed. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.132 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/public-desktop.pages.dev - PhishDestroy: https://phishdestroy.io/domain/public-desktop.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/public-desktop.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/public-desktop.pages.dev/ Last updated: 2026-04-10