# leztruvin.pro — SUSPICIOUS

> leztruvin.pro is a verified crypto drainer scam. Flagged by 2 of 95 VirusTotal vendors, verify safety on PhishDestroy before interacting.

## Summary
PhishDestroy identifies leztruvin.pro as an active crypto drainer scam posing as an investment or trading platform. The domain is currently flagged by security researchers and is associated with malicious activities designed to steal cryptocurrency assets. Users should avoid any interaction with this domain and report it immediately to prevent further victimization.

This domain was flagged by 2 of 95 VirusTotal security vendors, indicating low initial detection but high potential for future malicious activity. leztruvin.pro resolves to IP address 172.67.142.217, was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, and was created on March 17, 2026. The domain holds an SSL certificate issued by Google Trust Services, which may be leveraged to appear legitimate to unsuspecting users. These indicators suggest this domain is a recent, high-risk threat actively being monitored by cybersecurity professionals.

Given the elevated risk level and active status of this crypto drainer scam, users are strongly advised to block this domain at the network level and avoid visiting the website entirely. Verify any cryptocurrency-related domains through PhishDestroy’s domain safety check before engaging. If this domain has been encountered in emails, messages, or advertisements, report it to the appropriate platform and local cybercrime authorities. Stay vigilant against fraudulent investment schemes and always verify platform legitimacy through trusted third-party sources before transferring funds.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-17 10:47:19
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.142.217

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e0b42775-b3dc-4454-a035-c4e627df22ec
- PhishDestroy: https://phishdestroy.io/domain/leztruvin.pro/
- LLM endpoint: https://phishdestroy.io/domain/leztruvin.pro/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leztruvin.pro/
Last updated: 2026-03-27