# swift-multiwallet.pages.dev — SUSPICIOUS > swift-multiwallet.pages.dev is linked to crypto draining tactics with 2 blocklist hits. Check the full report for detailed threat insights. ## Summary swift-multiwallet.pages.dev has been identified as a domain involved in crypto drainer schemes, targeting users' cryptocurrency wallets. No specific brand association or drainer kit attribution has been confirmed at this point. The domain appears to be leveraging the Cloudflare Pages hosting platform, possibly to simulate legitimate multi-wallet services and lure victims. Technical analysis reveals that the domain currently holds a VirusTotal detection score of 0 out of 95, indicating it has not yet been flagged by antivirus engines. It was registered through Cloudflare, Inc. and resolves to IP address 188.114.96.3. The SSL certificate in use is issued by Google Trust Services. Although Google Safe Browsing status is not explicitly mentioned, the domain is listed on two distinct security blocklists, and it has been blocked by Enkrypt and ScamSniffer tools. These indicators suggest that some anti-fraud networks have already recognized its malicious potential. The domain remains active and is under ongoing investigation, classified with a risk level labeled 'under_investigation.' Security analysts recommend maintaining caution and avoiding any interaction with swift-multiwallet.pages.dev, particularly refraining from submitting wallet credentials or private keys. While it has not triggered antivirus engine detections, the presence on multiple blocklists and blocking by known scam detectors signals a credible threat. Users and organizations should update threat intelligence feeds and enforce blocking rules accordingly to mitigate potential crypto wallet draining risks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["Enkrypt", "ScamSniffer"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/554a9734-e604-4235-9f38-55642e6c9f48 - PhishDestroy: https://phishdestroy.io/domain/swift-multiwallet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/swift-multiwallet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/swift-multiwallet.pages.dev/ Last updated: 2026-03-24