# hub-en-io-trezo-dev.pages.dev — MALICIOUS

> Warning: hub-en-io-trezo-dev.pages.dev is a high-risk phishing domain now offline. Avoid clicking links or sharing info if encountered.

## Summary
PhishDestroy identifies hub-en-io-trezo-dev.pages.dev as a high-risk generic phishing domain designed to deceive users and steal sensitive data. Phishing attacks remain a leading cyber threat due to their ability to trick victims into revealing credentials or financial information, making vigilance critical. This domain’s malicious activity represents a direct threat to personal and organizational security.

Analysis reveals that hub-en-io-trezo-dev.pages.dev was registered through Cloudflare, Inc. on February 21, 2026. It appeared on one security blocklist, and 13 out of 95 security vendors flagged it on VirusTotal, underscoring its malicious intent. Currently, the domain is offline, likely removed to disrupt ongoing phishing campaigns. Its use of a pages.dev subdomain hints at abuse of legitimate hosting platforms to evade detection.

Users should exercise caution by avoiding any links or communications referencing this domain. Even though it is offline, cached pages or copied URLs can still pose risks if reused or mirrored. It is recommended to maintain updated security software, verify URLs carefully before entering credentials, and report suspicious activity to cybersecurity teams or services like PhishDestroy for ongoing protection.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.150
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["yahir.ns.cloudflare.com", "lina.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a2a1f-9e36-734d-b711-3c7bd270340b.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/de4f7e4e-7884-4831-9e22-113e7e8423dd
- PhishDestroy: https://phishdestroy.io/domain/hub-en-io-trezo-dev.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/hub-en-io-trezo-dev.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hub-en-io-trezo-dev.pages.dev/
Last updated: 2026-03-19