PCrisk.com
trozr-eiwuy.deylaa12.workers.dev favicon

trozr-eiwuy.deylaa12.workers[.]dev

Category: Phishing

Scanned: Apr 26, 2026, 01:44 PM UTC · First seen: Apr 26, 2026 · Threat Engines: 11 / 94 · Times Scanned: 1
5 / 100 Trust Score Based on scan findings at the time of analysis
Potentially Dangerous
0 - High Risk50 - Moderate100 - No Threats
Fresh scan recommended
Last scanned 16 days ago - security status may have changed since then.
Not scanned has not been scanned yet. Hit Scan Now to check it.

Scans can take up to 5 minutes to complete. Please keep this tab open - we'll redirect you to the report when it's ready.

Failed
Scan unavailable
Scan failed
Protect yourself from potentially harmful websites
Combo Cleaner's real-time web protection module actively blocks access to scam, phishing & malware-infected websites.
★★★★★ 4.8 / 5 Recommended by PCrisk.com editors Windows · Mac · Android · iOS
Download Combo Cleaner Free scan · no signup

To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

Screenshot of trozr-eiwuy.deylaa12.workers[.]dev Captured Apr 26, 2026
https://trozr-eiwuy.deylaa12.workers[.]dev
Screenshot of trozr-eiwuy.deylaa12.workers.dev
This website has been flagged as potentially harmful
Screenshot blurred for safety. Multiple security engines flagged potential threats at the time of scanning.
7 years (workers.dev)
Not Ranked - This website does not appear in the Tranco top list
Flagged by 11 of 94 engines
✓ Valid (TLS)
Cloudflare, Inc.
Toronto, Canada
cloudflare
Unknown
104.21.30.64
Domain & WHOIS Information
Registrar CloudFlare, Inc.
Registered February 8, 2019 (workers.dev)
Expires February 8, 2027
Name Servers clyde.ns.cloudflare.com
DNSSEC Unsigned
Hosting Cloudflare, Inc.
This site is hosted on workers.dev - a free hosting platform. The WHOIS data above belongs to the platform, not to trozr-eiwuy.deylaa12.workers[.]dev. The actual creation date of this subdomain is unknown and could be as recent as today.
Reputation & Threat Check 94 security engines checked
11
11 of 94 engines flagged this website Flagged by 11 security vendors at the time of scanning
Not flagged Flagged
Flagged by 11 of 94 engines
Direct Threat Database Sources
Google Not listed Spamhaus DBL Not listed SURBL Listed Spamhaus ZEN Not listed Barracuda Not listed SpamCop Not listed Spamhaus ZRD Not listed URLhaus Not listed Phishtank Not listed QBMA Not listed
View detailed engine results on VirusTotal
File Scan Summary Powered by Quttera Engine
10 files scanned
No threats
10
Low Risk
0
Medium Risk
0
High Risk
0
No threats Low Risk Medium Risk High Risk
trozr-eiwuy.deylaa12.workers.dev/# 3.5 KB No threats
trozr-eiwuy.deylaa12.workers.dev/img/logo.png 12.7 KB No threats
trozr-eiwuy.deylaa12.workers.dev/img/device.gif 10.0 KB No threats
trozr-eiwuy.deylaa12.workers.dev/img/icon.png 3.0 KB No threats
trozr-eiwuy.deylaa12.workers.dev/js/jquery.js 85.5 KB No threats
trozr-eiwuy.deylaa12.workers.dev/js/bootstrap.min.js 59.1 KB No threats
trozr-eiwuy.deylaa12.workers.dev/js/cdn-jquery.js 24.6 KB No threats
trozr-eiwuy.deylaa12.workers.dev/css/bootstrap.min.css 226.7 KB No threats
trozr-eiwuy.deylaa12.workers.dev/css/main.css 4.3 KB No threats
trozr-eiwuy.deylaa12.workers.dev/js/img/alert.svg 16 B No threats
External Links & Domains
12
External Links
All Clean
0
Iframes
Clean
3
Referenced Domains
All Clean
0
Flagged Resources
None Detected
http://trozr-eiwuy.deylaa12.workers.dev/./css/bootstrap.min.cssNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./css/main.cssNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./img/alert.svgNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./img/device.gifNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./img/icon.pngNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./img/logo.pngNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./js/bootstrap.min.jsNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./js/cdn-jquery.jsNot flagged
http://trozr-eiwuy.deylaa12.workers.dev/./js/jquery.jsNot flagged
https://fonts.googleapis.comNot flagged
https://fonts.googleapis.com/css2?family%3DOpen+Sans:ital,wght@0,300..800%3B1,300..800&display%3DswapNot flagged
https://fonts.gstatic.comNot flagged
fonts.googleapis.comNot flagged
fonts.gstatic.comNot flagged
trozr-eiwuy.deylaa12.workers.devNot flagged
trozr-eiwuy.deylaa12.workers[.]dev Overview

Description of trozr-eiwuy.deylaa12.workers[.]dev

This webpage appears to present itself as a Trezor Suite interface related to cryptocurrency wallet access and recovery. The page title references "Trezor Suite," and the screenshot shows a form asking visitors to restore a wallet using a mnemonic phrase, including fields for entering 12 to 33 recovery words. That type of prompt is associated with cryptocurrency wallet recovery workflows, but it is highly sensitive because seed phrases provide full access to wallet funds.

The domain itself is hosted on a workers.dev subdomain rather than an obvious official brand domain, which may indicate a custom page deployed on a cloud edge-hosting platform. Based on the branding shown in the screenshot, the page appears to imitate or reference the Trezor hardware-wallet ecosystem rather than operating as an independently branded service. No clear evidence in the provided data identifies the actual operator of this specific page.

Safety Assessment for trozr-eiwuy.deylaa12.workers[.]dev

Multiple signals suggest elevated risk at the time of this scan. The site was categorized by multiple web-classification providers as phishing or fraud-related, and 11 out of 94 security engines flagged the URL. In addition, the screenshot shows a wallet recovery form requesting a mnemonic phrase, which is a common tactic used in cryptocurrency credential theft because recovery phrases can be used to take control of a wallet.

Although the malware scan did not detect malicious files and several blacklist databases did not list the site at the time of review, those findings do not outweigh the phishing-related indicators. The use of a cloud-hosted workers.dev subdomain, the Trezor branding, and the request for highly sensitive wallet recovery words together suggest the page may be attempting to impersonate a legitimate cryptocurrency service. Based on these findings, this website may pose potential risks to visitors.

Technical Description

The site uses a valid TLS certificate issued by a mainstream certificate authority, is served through Cloudflare infrastructure, and resolves to an IP associated with Cloudflare hosting in Canada. The domain uses Cloudflare nameservers and appears to be deployed on a workers.dev subdomain, which is commonly used for edge-hosted applications and temporary web deployments.

DNSSEC appears to be unsigned, and the reported protocol details are incomplete. While the certificate is valid, HTTPS alone does not establish legitimacy. From a technical-risk perspective, the main concern is not transport security but the apparent collection of cryptocurrency recovery phrases through a branded interface that may not belong to the official service.

HTTP Redirect Chain
No redirects detected - direct connection to destination
Website Insights
Not Ranked
Tranco Rank
Not in Top 1M
Visitors Unknown
Category: Phishing
Rank History (30 days)
No rank data available
No cookies data available
Dispute This Score For website owners
Believe this score is inaccurate?
If you are the website owner and believe the scan results contain errors or false positives, you can submit a dispute for manual review. Our team typically responds within 1-2 business days.
You will be asked to verify your email before the dispute can be processed.
By submitting this form, you confirm that the information provided is accurate. Disputes are reviewed manually and results may take up to 48 hours to update.
One more step..
To submit your dispute for trozr-eiwuy.deylaa12.workers[.]dev, please click the verification link we just emailed you. Once verified, we'll review it within 1–2 business days.
This report was generated automatically and is provided for informational purposes only. Results are based on a point-in-time scan and may contain false positives or incomplete data. This does not constitute a security audit or certification. No vendor in the market can guarantee a 100% detection rate. If you believe this report is inaccurate, please submit a dispute.
Similar Recently Scanned
cantrail.com screenshot
cantrail[.]com
Potentially Dangerous 5/100
youareanidiot.org screenshot
youareanidiot[.]org
Potentially Dangerous 5/100
typeform.com screenshot
typeform.com
No Threats Found 91/100
twpaycards.fi screenshot
twpaycards[.]fi
Potentially Dangerous 5/100
ateesafinancialstewards.com screenshot
ateesafinancialstewards[.]com
Potentially Suspicious 34/100
qledgerx.com screenshot
qledgerx[.]com
Potentially Suspicious 24/100
weabridege.online screenshot
weabridege[.]online
Moderate Risk 42/100
nexfengrowth.com screenshot
nexfengrowth[.]com
Potentially Dangerous 18/100

Share your experience with this website. Was it safe? Did you encounter any issues?