# guide-logon-trazor.pages.dev — SUSPICIOUS

> guide-logon-trazor.pages.dev is an active credential phishing domain with 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies guide-logon-trazor.pages.dev as an active credential phishing domain currently under investigation. The domain is designed to mimic legitimate login portals, likely targeting users with deceptive prompts to harvest credentials. No brand or drainer kit affiliation has been confirmed at this stage, but the domain’s structure suggests a high potential for fraudulent redirection aimed at stealing sensitive login information. The phishing page is hosted under Cloudflare Pages, leveraging the platform’s infrastructure to obscure its origin while maintaining a facade of legitimacy through Cloudflare’s SSL certificate issued by Google Trust Services.


This domain was flagged with a current VirusTotal detection score of 0/95 engines, indicating it has not yet been recognized as malicious by mainstream security tools. The domain resolves to IP address 172.66.47.159, which is associated with Cloudflare’s infrastructure rather than a standalone hosting provider. Registered through Cloudflare, Inc., the domain shows signs of recent creation and lacks an extensive historical footprint, which may explain its low detection rate. Google Safe Browsing (GSB) has not yet marked it as malicious, and no known blocklists currently include this domain. These technical indicators suggest an emerging threat that has not yet triggered widespread defensive responses.


The current status of guide-logon-trazor.pages.dev is active and under investigation by cybersecurity teams. Response actions include ongoing monitoring by security researchers and potential takedown efforts coordinated with Cloudflare to mitigate further abuse. However, the remaining risk is classified as significant due to the domain’s operational status, the lack of detections, and the absence of preventive blocks. Users are advised to avoid interacting with this domain, verify URLs before entering credentials, and report any suspicious activity to their security teams. Immediate blocking of the domain and IP at the network level is recommended to prevent potential credential theft campaigns from gaining traction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.159

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f083e83d-97c6-4d4e-92f6-fa8ff6baf91c
- PhishDestroy: https://phishdestroy.io/domain/guide-logon-trazor.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/guide-logon-trazor.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/guide-logon-trazor.pages.dev/
Last updated: 2026-03-23