# treezurioosattrat.webflow.io — MALICIOUS > Discover why treezurioosattrat.webflow.io is flagged for phishing. Learn about its risks and how to protect yourself from this active threat. ## Summary PhishDestroy identifies treezurioosattrat.webflow.io as a high-risk domain engaged in generic phishing activities. This domain poses a significant threat to users attempting to access legitimate services but instead falling victim to credential theft or fraud. Supporting evidence includes its resolution to IP address 172.64.151.8 and detection by 12 out of 95 security vendors on VirusTotal, indicating a broad consensus on its malicious nature. The domain's hosting on the Webflow platform may be exploited to lend an appearance of legitimacy, making it crucial for users to exercise caution. Currently flagged as active, this domain demands immediate attention from cybersecurity teams and end-users alike. PhishDestroy recommends blocking access to this URL, monitoring network traffic for related indicators, and educating users on recognizing phishing attempts to mitigate risk effectively. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 200) - Page title: Trezor.io/start ## Domain Intelligence - Registered: 2026-03-05 13:07:01 - Registrar: MarkMonitor, Inc. - Country: US - IP: 172.64.151.8 - IP Country: US - IP City: San Francisco - IP Org: AS13335 Cloudflare, Inc. - Nameservers: NS_NOT_FOUND - SSL Issuer: Google Trust Services / WE1 ## Detection Status - VirusTotal: 18 vendors flagged Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "Phishtank", "Sophos", "Trustwave", "VIPRE", "Webroot"] - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["PhishDestroy"] ## Live Page Content - Meta description: Trezor.io/Start. Trezor wallets never expose your digital asset information to an insecure environment connected to the internet. Pick privacy and control your UTXOs with the … - Meta title: Trezor.io/start ### Page Text Trezor.io/start Tɾҽȥσɾ.ισ/ʂƚαɾƚ - Tɾҽȥσɾ* Hαɾԃɯαɾҽ Wαʅʅҽƚ ### External Scripts - https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64c9e74ffe3deb1da9c84732 - https://cdn.prod.website-files.com/64c9e74ffe3deb1da9c84732/js/webflow.24a563ff7.js ### External Links - https://distrypromited.com/5b2c2984-6798-491c-b0a6-fda57a9dad2e ## Evidence - Screenshot: https://urlscan.io/screenshots/019cc135-b481-75e8-839e-49fb5f509e5b.png - Cloudflare Radar: https://radar.cloudflare.com/domains/treezurioosattrat.webflow.io - Wayback Machine: https://web.archive.org/web/https://treezurioosattrat.webflow.io - PhishDestroy: https://phishdestroy.io/domain/treezurioosattrat.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/treezurioosattrat.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/treezurioosattrat.webflow.io/ Last updated: 2026-03-16