# trazerbridge-io.pages.dev — SUSPICIOUS > PhishDestroy identifies trazerbridge-io.pages.dev hosting a crypto drainer phishing page with 0/95 VirusTotal detections. Act now to protect credentials. ## Summary PhishDestroy identifies trazerbridge-io.pages.dev as an active credential theft domain flagged for brand impersonation aimed at harvesting user login details. The threat level is under investigation but presents HIGH RISK due to its current active status and the absence of detection despite known malicious infrastructure. This domain is part of a campaign leveraging Cloudflare’s Pages.dev service to deliver a counterfeit interface mimicking legitimate crypto platforms, specifically targeting users through deceptive domain naming and social engineering tactics. Victims risk immediate financial loss upon entering credentials, as the domain is engineered to exfiltrate sensitive data to adversary-controlled servers. This domain resolves to IP address 172.66.44.164 and is registered through Cloudflare, Inc. as the hosting provider via Pages.dev. The SSL certificate is issued by Google Trust Services, which may mislead users into believing the site is trustworthy due to the recognized issuer. VirusTotal currently shows 0/95 security engines detecting any malicious content as of the latest scan, indicating low immediate signature-based detection but not confirming benign status. The domain was observed as part of the unique seed 524af6 in ongoing monitoring, suggesting a targeted or recently deployed campaign. Despite the lack of blocklist entries at this moment, the combination of unflagged detection status and active hosting environment warrants urgent attention. Users are strongly advised to avoid interacting with trazerbridge-io.pages.dev or any linked pages that solicit login credentials, especially those related to cryptocurrency platforms. Verify all website URLs through official channels and enable multi-factor authentication (MFA) on all accounts, particularly crypto exchanges. Report the domain to your email provider, DNS filter, and local cybersecurity teams. Organizations should update blocklists using the IP and domain immediately and consider deploying DNS sinkholing or web filtering rules to prevent access. Continuous monitoring is recommended due to the domain’s low detection rate and potential for rapid evolution in attack tactics. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.164 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7df32bd0-1106-4798-8fe5-9d45c08537fd - PhishDestroy: https://phishdestroy.io/domain/trazerbridge-io.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/trazerbridge-io.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/trazerbridge-io.pages.dev/ Last updated: 2026-03-23