# update-chrome.pages.dev — SUSPICIOUS

> Domain update-chrome.pages.dev linked to credential phishing delivering fake Chrome updates. Flagged by 1 of 95 VirusTotal vendors with IP 188.114.97.3.

## Summary
Domain update-chrome.pages.dev has been confirmed as an active credential phishing site targeting users with a fake Google Chrome update prompt. This domain impersonates the official Chrome browser update process, aiming to harvest login credentials and other sensitive information under the guise of a necessary software update.

Analysts identified this threat through verified threat intelligence sources. The domain triggered detection engines at VirusTotal, where it was flagged by 1 of 95 participating security vendors. Registered via Cloudflare, Inc., the domain resolves to IP address 188.114.97.3 and utilizes a Let's Encrypt SSL certificate to enhance credibility. The reported creation date precedes recent analysis, and the domain has not yet appeared on major blocklists, though trust scores remain critically low due to active phishing payloads.

As of current analysis, this credential phishing domain remains active and poses an elevated risk to users misled by the false Chrome update page. The domain uses Cloudflare infrastructure and SSL certificates to appear legitimate. Users are advised to avoid interacting with unsolicited update prompts, verify software sources directly from official domains (chrome.google.com), and report suspicious pages to browser vendors and cybersecurity teams. Organizations should update browser policies to block known malicious domains and educate employees on recognizing impersonation tactics in software update lures.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c26d613c-cfc0-435e-9e41-f0924b23a92b
- PhishDestroy: https://phishdestroy.io/domain/update-chrome.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/update-chrome.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/update-chrome.pages.dev/
Last updated: 2026-04-12