# trezorr-loggin-en.pages.dev — MALICIOUS

> trezorr-loggin-en.pages.dev is linked to phishing activity. Avoid interacting with this domain and report suspicious emails immediately.

## Summary
PhishDestroy identifies trezorr-loggin-en.pages.dev as a high-risk generic phishing domain targeting unsuspecting users. The domain mimics legitimate login portals to deceive victims into submitting sensitive credentials, potentially leading to financial loss or identity theft.

The domain was registered on February 21, 2026, via Cloudflare, Inc., and is hosted on the pages.dev platform. It appears on two prominent security blocklists and is flagged by 16 out of 95 antivirus vendors on VirusTotal, indicating widespread recognition of its malicious intent.

Currently, trezorr-loggin-en.pages.dev remains active and continues to pose a significant threat. Users are strongly advised to avoid any interaction with this domain, refrain from entering personal information, and ensure their security solutions are up to date. Reporting any related phishing attempts to security teams will help mitigate potential damage.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Trezor
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.81
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["harlee.ns.cloudflare.com", "hugh.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bbf86-a110-75fe-9400-492b481760da.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7d98a92f-1d7d-498c-bd0f-0dbc180c466a
- PhishDestroy: https://phishdestroy.io/domain/trezorr-loggin-en.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/trezorr-loggin-en.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trezorr-loggin-en.pages.dev/
Last updated: 2026-03-19