# tresor-sui--t.pages.dev — SUSPICIOUS

> tresor-sui--t.pages.dev, a crypto drainer, is flagged by 1 of 95 VirusTotal vendors. Analyze this elevated-risk domain now.

## Summary
PhishDestroy identifies tresor-sui--t.pages.dev as an active crypto drainer domain posing significant risks to cryptocurrency holders. This fraudulent site mimics legitimate crypto platforms to trick users into connecting their wallets, enabling unauthorized token transfers. Security vendors have already flagged this domain, with VirusTotal reporting 1 detection out of 95 scans. The domain resolves to IP 188.114.96.3 and operates under a Google Trust Services SSL certificate, giving it an air of legitimacy that masks its malicious intent. 

This domain was flagged through Cloudflare's infrastructure, with VirusTotal confirming a single security vendor detection (1/95). The domain's recent creation and association with a crypto drainer campaign suggest it's part of a broader phishing operation targeting unsuspecting users. The domain's structure—tresor-sui--t.pages.dev—employs subtle misspellings and hyphenation to appear authentic while avoiding direct brand impersonation. 

If you visited this site, disconnect your wallet immediately and revoke any unauthorized permissions. Scan your device for malware using reputable antivirus tools and consider rotating all wallet credentials. Report the incident to your wallet provider and relevant cybersecurity authorities. Stay vigilant for unusual transaction confirmations or unauthorized asset movements in your wallet.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/44282be5-8b68-4ece-8f61-1e543d164cdd
- PhishDestroy: https://phishdestroy.io/domain/tresor-sui--t.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/tresor-sui--t.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tresor-sui--t.pages.dev/
Last updated: 2026-03-22