# support-desktop.pages.dev — MALICIOUS

> Investigate support-desktop.pages.dev, a documented fake support portal phishing domain detected by 9/95 VirusTotal vendors. Check the full report.

## Summary
support-desktop.pages.dev has been classified as an active phishing domain with an elevated risk level. This domain is specifically engineered to impersonate legitimate support portals, tricking users into divulging credentials or sensitive information under the guise of technical assistance.

This domain was flagged after VirusTotal detected detections from 9 of 95 participating security vendors. The domain is registered through Cloudflare, Inc., resolves to the IP address 172.66.44.153, and holds an SSL certificate issued by Google Trust Services LLC, which may contribute to its perceived legitimacy. While the precise registration date remains unverified, the domain's presence on multiple threat intelligence feeds underscores its malicious nature.

Organizations and end-users are strongly advised to block traffic to and from this domain at the network perimeter and DNS level. Users should be reminded to verify the authenticity of support communications by cross-referencing official channels before submitting any credentials. Immediate blocking of the IP address 172.66.44.153 and the domain itself is recommended to mitigate further exposure. Consider raising awareness among support teams and customers about the tactics employed by such phishing campaigns to prevent credential harvesting.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.153

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/bdec795e-e3ba-49a7-b23f-492003734ba9
- PhishDestroy: https://phishdestroy.io/domain/support-desktop.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/support-desktop.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/support-desktop.pages.dev/
Last updated: 2026-03-26