# eng-s-uit-use.pages.dev — MALICIOUS

> eng-s-uit-use.pages.dev is a live crypto drainer phishing domain flagged by 16/95 VirusTotal vendors. Analyze this crypto-scamming threat now.

## Summary
PhishDestroy identifies eng-s-uit-use.pages.dev as an active crypto drainer phishing domain distributing malicious payloads to steal cryptocurrency assets from unsuspecting victims. This domain mimics legitimate UI/UX frameworks to deceive users into connecting wallets or entering seed phrases under false pretenses. Security telemetry confirms the presence of a drainer kit designed to siphon funds from connected cryptocurrency wallets, including Ethereum, Solana, and other EVM-compatible chains, through unauthorized transaction signing requests.

Technical analysis reveals this domain was registered through Cloudflare, Inc. and resolves to IP address 188.114.97.3. The domain holds a valid SSL certificate issued by Google Trust Services, which may contribute to its perceived legitimacy. VirusTotal scanning shows a detection ratio of 16 out of 95 security vendors, indicating partial recognition within the security community. The domain remains unflagged by Google Safe Browsing (GSB) at this time, and no public blocklist entries were identified during the initial assessment. The domain is hosted on Cloudflare Pages, a legitimate service often abused by threat actors for rapid deployment of phishing infrastructures.

As of the latest assessment, eng-s-uit-use.pages.dev remains active with an elevated risk profile. Immediate response actions include blocking the domain at the network perimeter and updating endpoint detection rules to quarantine any associated payloads. Users are strongly advised to avoid accessing this domain and to verify all URLs before entering sensitive information or connecting wallets. Remaining risk includes potential evolution of the drainer kit or expansion to additional phishing pages. Continuous monitoring and threat intelligence sharing are recommended to prevent further exploitation.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e3f68135-30ed-46f5-8dfd-c515e53441ff
- PhishDestroy: https://phishdestroy.io/domain/eng-s-uit-use.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eng-s-uit-use.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eng-s-uit-use.pages.dev/
Last updated: 2026-03-22