# docs--trrezor-codn.gitbook.io — MALICIOUS

> Avoid docs--trrezor-codn.gitbook.io, a high-risk phishing site. Do not enter personal info and report suspicious activity immediately.

## Summary
PhishDestroy identifies docs--trrezor-codn.gitbook.io as an active domain engaged in generic phishing attacks, carrying a high risk to users. The domain attempts to deceive visitors into divulging sensitive information, potentially leading to identity theft or financial loss.

Supporting this assessment, 12 out of 95 security vendors on VirusTotal flag this domain as malicious. The domain resolves to IP address 104.18.40.47 and is registered via Cloudflare, Inc. Despite being created in 2014, the domain’s current usage aligns with phishing activity, leveraging the GitBook subdomain format to appear legitimate.

Users are advised to avoid interacting with this domain and not to provide any personal or financial data. PhishDestroy currently marks the domain as active and recommends reporting any suspicious encounters to relevant authorities. Employing strong email filters and updated anti-phishing tools will help mitigate exposure risks.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Trezor.io/Start® |  Starting Up Your Device | Trezor®

## Domain Intelligence
- Registered: 2014-03-30 06:09:09
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 104.18.40.47
- Nameservers: dahlia.ns.cloudflare.com hugh.ns.cloudflare.com

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Netcraft", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cfbb9-9650-7413-a0ff-fd604088e26b.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b8d80a90-2b51-408a-9108-908cdcf3f7c2
- PhishDestroy: https://phishdestroy.io/domain/docs--trrezor-codn.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/docs--trrezor-codn.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/docs--trrezor-codn.gitbook.io/
Last updated: 2026-03-19