# trezr-log.pages.dev — SUSPICIOUS > PhishDestroy investigates trezr-log.pages.dev, a fake Trezor wallet phishing site hosted on Cloudflare with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies trezr-log.pages.dev as an active phishing domain impersonating the legitimate Trezor cryptocurrency wallet to steal user credentials and funds. This fraudulent site lures victims with deceptive branding, tricking them into entering recovery phrases or private keys under the guise of a wallet login or security update. Once submitted, attackers gain full control over victims’ crypto assets, leading to irreversible financial loss. Exercise extreme caution with any unsolicited links referencing cryptocurrency wallets. This domain was flagged due to its malicious intent and association with fraudulent wallet services. Intelligence reveals it resolves to IP address 172.66.47.177, registered through Cloudflare, Inc., and currently secured by a Google Trust Services SSL certificate—exploiting legitimate infrastructure to evade detection. Notably, VirusTotal currently shows 0 out of 95 security engines detecting the threat, highlighting how new or sophisticated phishing campaigns can bypass automated defenses. The domain’s recent appearance and use of Pages.dev (a legitimate service abused for hosting) further underscore the urgency of manual intervention. If you visited trezr-log.pages.dev, cease all interactions immediately and disconnect from the internet to prevent potential data exfiltration. Do not enter any wallet recovery phrases, private keys, or personal information. Scan your device with updated antivirus software and consider revoking access to any cryptocurrency accounts that may have been exposed. Report the domain to your email provider, browser, and platforms like PhishDestroy to help block further propagation. Warn others in your network to avoid this domain entirely. Strengthen wallet security by enabling two-factor authentication and using hardware wallets where possible to mitigate future risks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.177 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2961203a-d645-42cb-b904-d04a0641c7c7 - PhishDestroy: https://phishdestroy.io/domain/trezr-log.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/trezr-log.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/trezr-log.pages.dev/ Last updated: 2026-03-24