# en-io-trzer.pages.dev — SUSPICIOUS

> en-io-trzer.pages.dev is involved in email credential harvesting. Flagged by 1 of 95 vendors. Check the full report for details and safety tips.

## Summary
PhishDestroy has identified the domain en-io-trzer.pages.dev as engaging in credential harvesting phishing campaigns. This activity is classified as a specific form of phishing that aims to capture sensitive login information from unsuspecting users. The domain is currently active and has not been reported as impersonating any well-known brand at this time.

Analysis reveals that en-io-trzer.pages.dev resolves to the IP address 172.66.44.133 and was registered via Cloudflare, Inc. It holds an SSL certificate issued by Google Trust Services, which may lend it a deceptive appearance of legitimacy. According to VirusTotal, 1 out of 95 security vendors have flagged this domain, indicating some suspicion but limited detection. Additional context includes no reported blocklist counts and no publicly available trust score, with registration details consistent with hosting through Cloudflare's infrastructure.

The domain remains active and poses an elevated risk to users who might encounter its phishing content. It is recommended that users avoid interacting with communications linked to this domain and that organizations implement domain filtering or blocking rules to prevent access. Security teams should continue monitoring for new reports and update defensive tools accordingly to mitigate potential credential compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.133

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9ab9f667-959d-4a18-a0a9-2040ce83a257
- PhishDestroy: https://phishdestroy.io/domain/en-io-trzer.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/en-io-trzer.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/en-io-trzer.pages.dev/
Last updated: 2026-03-26