# sweet-7b6.pages.dev — SUSPICIOUS

> sweet-7b6.pages.dev is a live crypto-drainer scam with 0/95 VirusTotal detections; verify before you click and visit PhishDestroy for instant checks.

## Summary
PhishDestroy identifies sweet-7b6.pages.dev as an active crypto-draining scam site designed to steal cryptocurrency from unwary users. The domain resolves to IP 172.66.44.165 and is currently hosted behind Cloudflare’s proxy, masking its true origin while using a Let’s Encrypt SSL certificate to appear legitimate. With 0 detections on VirusTotal (95 engines), this threat remains under the radar for most automated scanners, making it especially dangerous for users who rely on standard security tools.  This domain was flagged through PhishDestroy’s threat-intelligence pipeline and is under active investigation. It was registered through Cloudflare, Inc., a common tactic among malicious actors seeking anonymity and fast DNS propagation. The site currently operates without any malicious signatures in VirusTotal’s database, indicating a recently deployed campaign with low detection rates across mainstream security platforms.  If you visited sweet-7b6.pages.dev, do not connect any cryptocurrency wallets or enter credentials. Disconnect from the internet if possible and scan your device with updated antivirus software. Report the domain immediately to PhishDestroy for blocking and analysis. Avoid reopening the page, and warn others who may have been targeted. Stay safe—always verify links and sites before interacting with them.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.165

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/42fdd638-5b01-44c3-a0fb-7fda547386b0
- PhishDestroy: https://phishdestroy.io/domain/sweet-7b6.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sweet-7b6.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sweet-7b6.pages.dev/
Last updated: 2026-03-30