# trast-en-app.pages.dev — SUSPICIOUS

> trast-en-app.pages.dev is a confirmed Microsoft 365 credential phishing scam. 1/95 VirusTotal detections. Check the full report.

## Summary
trast-en-app.pages.dev has been confirmed as an active Microsoft 365 credential-phishing site engineered to harvest corporate login details. The domain presents a fake Microsoft-branded login portal designed to trick business users into surrendering email credentials. PhishDestroy analysts classify this page as an elevated-risk threat due to its targeted lure and high likelihood of data compromise.  PhishDestroy identifies that the domain was registered through Cloudflare, Inc., resolved to IP 188.114.97.3, and is secured with a Google Trust Services SSL certificate. VirusTotal reports a single positive detection out of ninety-five participating vendors, while passive DNS and threat-intel feeds do not yet list this hostname on public blocklists. The Cloudflare Workers subdomain (pages.dev) adds legitimacy at a glance, but the absence of additional reputation metrics and the deliberately misspelled “trast” path segment are indicators of a disposable phishing staging ground.  To mitigate exposure, organizations should immediately blocktrast-en-app.pages.dev at DNS and proxy layers, deploy browser-enforced login redirections for Microsoft 365, and educate users to verify URLs against official portals. End-users who entered credentials on this page should rotate passwords immediately, enable multi-factor authentication, and scan endpoints for credential-harvesting malware. Cloudflare has been notified via abuse channels for takedown.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2050b076-1f86-41aa-815c-e2ee9787dda7
- PhishDestroy: https://phishdestroy.io/domain/trast-en-app.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/trast-en-app.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trast-en-app.pages.dev/
Last updated: 2026-03-22