# trezor-us-logi.pages.dev — MALICIOUS

> Trezor-us-logi.pages.dev is a high-risk phishing domain flagged by multiple security sources. Learn more to protect yourself from potential scams.

## Summary
PhishDestroy identifies trezor-us-logi.pages.dev as a high-risk generic phishing domain targeting users by impersonating legitimate cryptocurrency services. The domain is associated with fraudulent attempts to steal sensitive login credentials, posing a significant risk to individuals seeking to access secure wallet platforms. Due to its phishing nature, unsuspecting users could be tricked into divulging private keys or account information.

The domain was registered on February 21, 2026, through Cloudflare, Inc., utilizing their Pages.dev hosting infrastructure. It has appeared on at least two known security blocklists and was flagged by 15 out of 95 security vendors on VirusTotal, indicating widespread detection across different threat intelligence platforms. The use of Cloudflare's content delivery network suggests an attempt to obscure the true hosting origin and leverage trusted infrastructure to avoid early detection.

Currently, trezor-us-logi.pages.dev is offline, likely removed or suspended following detection and reporting. PhishDestroy recommends users remain cautious and avoid interacting with this domain or any associated links. It is advisable to verify official URLs directly from trusted sources, enable multi-factor authentication on wallet services, and report any suspicious activity to cybersecurity authorities to prevent credential compromise.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Trezor
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.175
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["byron.ns.cloudflare.com", "joan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ca250-4af8-70eb-ad5b-eec75344c911.png
- PhishDestroy: https://phishdestroy.io/domain/trezor-us-logi.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/trezor-us-logi.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trezor-us-logi.pages.dev/
Last updated: 2026-03-19