# presale-dogeuprising.pages.dev — SUSPICIOUS > This Cloudflare Pages domain hosts a Dogecoin phishing scam. It has a 1/95 VirusTotal detection rate and uses Google Trust Services SSL. ## Summary PhishDestroy identifies presale-dogeuprising.pages.dev as a Dogecoin-themed phishing domain leveraging Cloudflare Pages infrastructure to impersonate a fake presale event. The threat type is classified as generic phishing with an elevated risk profile, indicating active credential harvesting or cryptocurrency drainer activity targeting Dogecoin investors. No specific drainer kit has been identified in open-source intelligence, but the domain structure suggests a standard web3 phishing template designed to mimic legitimate presale landing pages. The use of Cloudflare Pages allows threat actors to rapidly deploy and rotate infrastructure while maintaining SSL encryption via Google Trust Services, increasing perceived legitimacy among potential victims. This domain was flagged by PhishDestroy with a VirusTotal detection ratio of 1 out of 95 security vendors as of the latest scan. It is registered through Cloudflare, Inc. and resolves to IP address 188.114.97.3. The domain utilizes a Google Trust Services SSL certificate to enhance trustworthiness. While the exact creation date is not publicly disclosed in WHOIS records due to Cloudflare's privacy protection, the active status and recent detection metrics indicate ongoing malicious operations. The domain has not been flagged by Google Safe Browsing (GSB) at this time, but the low VT detection rate and elevated risk classification suggest it remains under the radar of most automated defenses. Current blocklist counts are not specified in available threat intelligence feeds, but its active status and low detection rate imply limited proactive blocking by security vendors. As of the latest analysis, presale-dogeuprising.pages.dev remains active and poses an elevated risk to cryptocurrency users, particularly those interested in Dogecoin-related investments. Immediate response actions include blocking the domain at the network level and updating firewall rules to prevent access from organizational environments. Users are advised to avoid interacting with this domain entirely, as it likely serves as a frontend for credential harvesting or cryptocurrency drainer operations. The remaining risk is assessed as elevated due to the domain's active status, low detection rate, and use of legitimate hosting and SSL services to obscure malicious intent. Security teams should monitor for related infrastructure and update threat intelligence feeds accordingly to prevent further exploitation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/52b073ac-3390-4ddf-8f7e-ae44470e7e76 - PhishDestroy: https://phishdestroy.io/domain/presale-dogeuprising.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/presale-dogeuprising.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/presale-dogeuprising.pages.dev/ Last updated: 2026-03-22