# use-trzr-suite-app.pages.dev — SUSPICIOUS

> use-trzr-suite-app.pages.dev hosts a crypto wallet drainer kit with 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies an active crypto wallet drainer campaign impersonating a 'TRZR Suite' application hosted on use-trzr-suite-app.pages.dev. This domain leverages Cloudflare Pages to deliver a malicious JavaScript drainer kit designed to siphon cryptocurrency assets from unsuspecting users. The threat type is classified as a crypto wallet drainer phishing campaign, with the domain mimicking legitimate crypto wallet suites to deceive victims into connecting their wallets and authorizing fraudulent transactions.  

This domain was flagged with a VirusTotal detection score of 0/95 as of the latest scan, indicating it remains undetected by most antivirus engines. It resolves to the IP address 188.114.96.3, which is associated with Cloudflare’s infrastructure. The domain was registered through Cloudflare, Inc., and utilizes an SSL certificate issued by Google Trust Services, adding a veneer of legitimacy. The current blocklist count for this domain is zero, suggesting it is a recently deployed or stealthily operated campaign.  

The campaign is currently active, with no confirmed takedown or blocklist inclusion at this stage. Users are advised to avoid interacting with this domain or any associated links. The remaining risk is high, as the domain’s infrastructure and lack of detections make it a persistent threat. Immediate action includes blocking the domain at the network level, updating threat intelligence feeds, and warning users about the campaign. Further investigation is required to identify additional infrastructure and mitigate the risk of asset loss.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/use-trzr-suite-app.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/use-trzr-suite-app.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/use-trzr-suite-app.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/use-trzr-suite-app.pages.dev/
Last updated: 2026-04-05