# connects-suites-trze-io.pages.dev — SUSPICIOUS > Connects-suites-trze-io.pages.dev is a credential theft phishing domain flagged by 1/95 VirusTotal vendors. Avoid entering sensitive data. Block immediately. ## Summary PhishDestroy identifies connects-suites-trze-io.pages.dev as an active credential theft phishing domain operating at an elevated risk level. This Pages.dev subdomain employs deceptive branding to mimic legitimate connectivity services, tricking users into submitting login credentials or financial information under false pretenses. The threat is classified as credential theft rather than generic phishing due to its targeted impersonation tactics and potential for immediate account compromise. This domain was flagged by 1 out of 95 VirusTotal security vendors and registered through Cloudflare, Inc. It resolves to IP address 188.114.96.3, a Google Trust Services SSL certificate. The Pages.dev infrastructure indicates a Cloudflare Workers deployment, which adversaries often abuse for fast-flux hosting to evade traditional blocklists. Despite its professional appearance through Google Trust Services, the domain has not been widely adopted by reputable security platforms, suggesting limited detection coverage. The combination of low VirusTotal coverage (1/95) and association with cloud-based hosting solutions like Pages.dev creates a high-risk profile for unsuspecting users. To mitigate credential theft risks, immediately block connects-suites-trze-io.pages.dev at the network and endpoint levels using updated threat intelligence feeds. Users who may have interacted with this domain should rotate all credentials exposed to it and enable multi-factor authentication on affected accounts. Organizations should deploy DNS filtering policies to block Pages.dev subdomains entirely, given the platform's frequent abuse by credential phishing campaigns. Monitor for lateral movement if credentials were entered, as threat actors often leverage stolen access for further exploitation. Report any suspicious activity to your security team and consider adding this domain to internal blocklists with urgency. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/33220cb0-2004-4739-be34-26c2edbd29d0 - PhishDestroy: https://phishdestroy.io/domain/connects-suites-trze-io.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/connects-suites-trze-io.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connects-suites-trze-io.pages.dev/ Last updated: 2026-04-01