# app-trrust-en-us.pages.dev — SUSPICIOUS

> Investigate app-trrust-en-us.pages.dev — a fake trust provider phishing site flagged by 3 of 95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies app-trrust-en-us.pages.dev as an active fake trust provider phishing domain engaged in credential harvesting attacks. This deceptive site masquerades as a legitimate security verification portal to trick users into surrendering sensitive login credentials. Current status remains active as of real-time monitoring, with no evidence of takedown by Cloudflare's threat mitigation systems.


Technical analysis reveals this domain resolves to IP address 188.114.96.3 and was flagged by exactly 3 security vendors out of 95 VirusTotal scanners, indicating limited but concerning detection coverage. Registered through Cloudflare, Inc., the domain utilizes Google Trust Services SSL certificates to enhance authenticity perception. Notably, the infrastructure operates within Cloudflare’s Pages.dev platform, which malicious actors frequently exploit to host phishing pages while maintaining anonymity behind the CDN’s protective layers.


Risk assessment places this domain at elevated threat levels due to its active status, SSL credibility, and deceptive branding suggesting fake security verification. Concrete recommendations include immediate network blocking of IP 188.114.96.3 and domain app-trrust-en-us.pages.dev at DNS/firewall levels. Users should verify any unexpected security popups directly through official channels rather than trusting suspicious domains. Enterprises are advised to update threat intelligence feeds and conduct employee awareness training focusing on recognizing fake trust provider scams. Monitoring this domain’s certificate chains may reveal additional malicious infrastructure due to Cloudflare’s interconnected hosting environment.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d08e45c6-30d7-49e3-aa40-aefdef3731e7
- PhishDestroy: https://phishdestroy.io/domain/app-trrust-en-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/app-trrust-en-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-trrust-en-us.pages.dev/
Last updated: 2026-03-22