# asterportal.pages.dev — SUSPICIOUS > asterportal.pages.dev hosts a crypto drainer stealing wallet funds. Detected on VirusTotal 0/95 scans. Verify on PhishDestroy immediately for safety. ## Summary PhishDestroy identifies asterportal.pages.dev as an active crypto drainer phishing domain designed to steal cryptocurrency wallet credentials and drain assets. This domain impersonates a legitimate portal interface to trick users into connecting fraudulent wallet connections. The threat operates by presenting a fake login or transaction confirmation screen that captures private keys or initiates unauthorized blockchain transactions. Technical analysis shows the domain resolves to IP 188.114.97.3 and leverages Cloudflare’s infrastructure for evasion, making detection challenging for traditional security tools. This domain was flagged under seed c83df3 with a VirusTotal detection rate of 0 out of 95 scanners at time of analysis. The domain was registered through Cloudflare, Inc., using Google Trust Services for its SSL certificate to appear legitimate. The infrastructure is hosted on Cloudflare’s network, which provides anonymity and rapid rotation capabilities, complicating takedown efforts. The domain is currently unlisted on major blocklists, indicating a newly active campaign with low signature coverage. If you visited asterportal.pages.dev, disconnect your device from the internet immediately to prevent ongoing data exfiltration. Do not interact with any wallet prompts or login forms on this domain. Scan your device using PhishDestroy’s verification tool to check for installed malware or rogue browser extensions. Revoke any wallet connections made while on this domain using your wallet’s “Connected Apps” or “Revoked” section. Report the domain to your wallet provider and consider transferring assets to a new, isolated wallet. Enable hardware wallet signing and multi-factor authentication to prevent unauthorized access. Stay vigilant: this domain may redirect to similar malicious variants under asterportal.* subdomains. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/400f0258-62e1-44c9-ba3e-dcaffd1137fe - PhishDestroy: https://phishdestroy.io/domain/asterportal.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/asterportal.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/asterportal.pages.dev/ Last updated: 2026-04-12