# tronapi.sagecrypto.store — SUSPICIOUS

> tronapi.sagecrypto.store targets crypto wallet users with phishing attempts. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies tronapi.sagecrypto.store as a domain under active investigation for cryptocurrency wallet phishing threats. The specific risk involves attempts to deceive users into revealing sensitive wallet credentials or private keys. Currently, the risk level is categorized as under investigation while further analysis determines the scope and impact.

This domain uses an SSL certificate issued by Let's Encrypt to appear legitimate. VirusTotal analysis indicates zero detections out of 95 engines, meaning it is not flagged by major antivirus providers at this time. The domain resolves to IP address 46.202.186.92. No specific blocklist or registrar data was provided. These indicators suggest the actors behind this threat are attempting to evade detection by using trusted certificates and low-profile hosting.

To mitigate risks associated with tronapi.sagecrypto.store, users should avoid interacting with unsolicited links related to crypto wallet services, especially those requesting private keys or login credentials. Security teams should monitor the resolving IP and SSL certificates for changes and consider adding network-level blocking if suspicious behavior escalates. End-users are advised to verify URLs carefully and use multi-factor authentication on their crypto platforms to reduce exposure to phishing attempts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 46.202.186.92

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6e53439f-0e83-47ac-af2d-08f97142de4e
- PhishDestroy: https://phishdestroy.io/domain/tronapi.sagecrypto.store/
- LLM endpoint: https://phishdestroy.io/domain/tronapi.sagecrypto.store/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tronapi.sagecrypto.store/
Last updated: 2026-03-24