# suits-web-treazr.pages.dev — MALICIOUS

> suits-web-treazr.pages.dev hosts a crypto drainer phishing page detected by 5/95 scanners. Full forensic analysis with kill-chain indicators and remediation.

## Summary
PhishDestroy identifies suits-web-treazr.pages.dev as an active crypto drainer phishing domain leveraging Cloudflare Pages to host a fake “Suits” wallet interface. The payload is designed to siphon cryptocurrency from victims who connect their wallets. No high-profile brand is mimicked beyond the generic “Suits” nomenclature; the drainer kit is a customized, open-source variant detected by multiple scanners as a crypto-asset theft tool. The threat type is specifically a fake wallet crypto drainer, not generic phishing activity.  

Forensic indicators include a VirusTotal detection ratio of 5/95 security vendors, an IP address of 188.114.97.3, registration through Cloudflare, Inc., a Google Trust Services SSL certificate, and an elevated risk classification. Creation date is not publicly disclosed due to Cloudflare’s privacy redirection layer. The domain remains unlisted on Google Safe Browsing and has accrued at least four independent blocklist entries at the time of analysis. The infrastructure is hosted on Cloudflare’s edge network, providing resilience against takedowns and rapid propagation across geographies.  

Current status is active with persistent availability via Cloudflare Pages and CDN resilience. No known takedown action has been executed as of the latest scan epoch. Remaining risk is elevated due to the drainer kit’s functionality and the domain’s use of legitimate hosting infrastructure. PhishDestroy recommends immediate network-level blocking of 188.114.97.3 and domain-wide DNS sinkholing for suits-web-treazr.pages.dev. Users should avoid interacting with any “Suits” wallet interface and verify wallet domains via official project websites before connecting funds.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c6cd1c15-0d10-466e-96ff-651a81acf31d
- PhishDestroy: https://phishdestroy.io/domain/suits-web-treazr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/suits-web-treazr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/suits-web-treazr.pages.dev/
Last updated: 2026-03-22