# connect-trzro-hub.pages.dev — SUSPICIOUS > connect-trzro-hub.pages.dev serves as a credential harvesting phishing landing page, hosting 0/95 detections on VirusTotal with Cloudflare IP 172.66.44.189. ## Summary PhishDestroy identifies connect-trzro-hub.pages.dev as an active credential harvesting phishing site designed to trick users into submitting sensitive login credentials. The domain leverages Cloudflare Pages to host fraudulent content and relies on Google Trust Services for SSL encryption, creating a deceptive facade of legitimacy. This setup is typical of modern phishing campaigns that abuse trusted infrastructure to evade detection and improve social engineering effectiveness. This domain was flagged with zero detections across 95 VirusTotal engines and resolves to IP 172.66.44.189 through Cloudflare, Inc. While the SSL certificate from Google Trust Services adds superficial credibility, technical indicators show this domain (registered through Cloudflare) remains unblocked by security systems despite active abuse. The absence of detections suggests an ongoing, low-profile campaign targeting unsuspecting users. Users who visited connect-trzro-hub.pages.dev should immediately check their browser history and clear any cached data related to the domain. If credentials were entered, change passwords immediately using a different device and enable multi-factor authentication on all affected accounts. Report the activity to your IT security team and avoid interacting with any future communications from this domain. Consider using a password manager with phishing detection features to prevent future exposure to similar threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.189 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f608ffa1-518c-4285-80c7-5db26fbbb8bc - PhishDestroy: https://phishdestroy.io/domain/connect-trzro-hub.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/connect-trzro-hub.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connect-trzro-hub.pages.dev/ Last updated: 2026-03-22