# tzore-brige-cloud.pages.dev — SUSPICIOUS

> PhishDestroy identifies tzore-brige-cloud.pages.dev hosting a fake cloud storage login scam. Only 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies an active phishing domain, tzore-brige-cloud.pages.dev, impersonating a cloud storage login portal to harvest credentials. The site is currently under investigation with a risk level classified as active. The threat type is generic_phishing, indicating a broad attempt to trick users into entering sensitive information such as usernames and passwords under false pretenses. This domain is part of a larger campaign leveraging trusted services to lower user suspicion and increase the likelihood of success.  This domain was flagged by PhishDestroy on seed d73cdd and resolves to IP 172.66.47.9. It was registered through Cloudflare, Inc. and is protected by an SSL certificate issued by Google Trust Services, which may contribute to its deceptive appearance. VirusTotal currently shows 0/95 detections, meaning none of the analyzed engines have flagged this domain as malicious, though this does not guarantee its safety. The domain uses Cloudflare Pages for hosting, a legitimate service that has been abused for phishing purposes due to its ease of deployment and masking capabilities. The IP address 172.66.47.9 is associated with Cloudflare’s infrastructure, further complicating takedown efforts. As of the latest analysis, this domain does not appear on any public blocklists or threat intelligence feeds.  PhishDestroy recommends immediate action to mitigate the risk posed by this domain. Users should avoid accessing tzore-brige-cloud.pages.dev or any subpages under this domain. Organizations should implement DNS filtering to block resolution of this domain and monitor for any associated indicators of compromise (IOCs) in their networks. Additionally, users who may have entered credentials on this site should change their passwords immediately and enable multi-factor authentication (MFA) where available. Security teams should also check firewall and proxy logs for any connections to 172.66.47.9 or the domain name itself. Given the use of Cloudflare Pages and a Google Trust Services certificate, traditional blocklisting may be insufficient, so behavioral analysis and user awareness training are critical. Report any incidents to your internal security team or PhishDestroy for further analysis and inclusion in threat intelligence feeds.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.9

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/975f00b2-f84a-4431-badb-54aa5e284528
- PhishDestroy: https://phishdestroy.io/domain/tzore-brige-cloud.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/tzore-brige-cloud.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tzore-brige-cloud.pages.dev/
Last updated: 2026-03-23