# tersre-o-suiites.pages.dev — SUSPICIOUS

> tersre-o-suiites.pages.dev is a crypto drainer site mimicking a luxury brand. 2/95 VirusTotal scanners flagged it—verify with PhishDestroy before interacting.

## Summary
tersre-o-suiites.pages.dev is flagged as an active crypto drainer impersonating a luxury hotel suite brand. The domain serves a fake booking page designed to siphon cryptocurrency from victims via a drainer kit embedded in the checkout flow. Behavioral analysis indicates real-time wallet connection requests and transaction simulation prompts typical of modern JavaScript-based drainers.    Forensic indicators are precise: VirusTotal shows 2 out of 95 security vendors flagging the domain, indicating low detection despite active malicious hosting. Registered through Cloudflare, Inc., the domain resolves to IP 188.114.97.3 and leverages a Google Trust Services SSL certificate for legitimacy signaling. While the exact creation date is not publicly disclosed, the domain’s presence on phishing blocklists and recent detection timestamp confirm recent deployment. Google Safe Browsing (GSB) currently lists this domain as unsafe.    The domain remains active and unblocked on major browsers as of the latest scan. PhishDestroy has flagged this domain as elevated risk and recommends immediate blocking at the network perimeter. Users are advised to avoid interaction and verify any links via PhishDestroy’s real-time scanner before proceeding. Remaining risk is high due to active hosting, low vendor detection, and drainer kit persistence on the page.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/779608a6-a52a-44ba-9d29-062a288e5100
- PhishDestroy: https://phishdestroy.io/domain/tersre-o-suiites.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/tersre-o-suiites.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tersre-o-suiites.pages.dev/
Last updated: 2026-03-22