# trezsuiten.wixstudio.com — SUSPICIOUS > PhishDestroy identifies trezsuiten.wixstudio.com as a live fake login page that harvests credentials. Flagged by 0 of 95 VirusTotal vendors. ## Summary PhishDestroy identifies trezsuiten.wixstudio.com as a currently active domain engaged in credential harvesting phishing. The site impersonates a suite portal, tricking users into entering login details that are immediately exfiltrated to attacker infrastructure. Current status of the domain is active and under active investigation by multiple threat intel teams; users should treat any interaction with this page as malicious. This domain was flagged by zero of 95 VirusTotal scanning vendors as of the latest scan, indicating it has not yet been widely detected despite hosting a live phishing payload. The domain resolves to IP 34.144.206.118, hosted on Wix infrastructure through Let's Encrypt SSL (certificate issued to the domain via Wix’s managed hosting). The domain was registered using Wix’s registrar services and has zero confirmed entries on major blocklists such as PhishTank, OpenPhish, or URLVoid. With an extremely low initial detection rate and no prior reports, the risk profile currently remains unquantified but active, requiring urgent user caution and organizational blocking. As this domain represents an active credential phishing campaign, immediate defensive measures are required. Organizations and individuals should block all traffic to trezsuiten.wixstudio.com and 34.144.206.118 at the network perimeter using updated firewall and DNS filtering rules. End users should be warned not to access the site or follow any links originating from it. If credentials were entered, users must immediately rotate passwords, enable multi-factor authentication, and monitor accounts for suspicious activity. Security teams are advised to search email logs and SIEM systems for delivery vectors associated with this domain and to report any observed redirects or lures. Continued monitoring is recommended due to the zero-detection status and potential for rapid evolution of the campaign. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f22d0db8-d873-42e2-8795-3c8c3ad7145b - PhishDestroy: https://phishdestroy.io/domain/trezsuiten.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/trezsuiten.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/trezsuiten.wixstudio.com/ Last updated: 2026-04-12