# c.gettrustpayment.live — SUSPICIOUS

> c.gettrustpayment.live is a crypto drainer impersonating trust payment services. VirusTotal shows 0/95 detections. Block immediately and avoid visiting.

## Summary
PhishDestroy identifies c.gettrustpayment.live as an active crypto drainer domain posing under the guise of a legitimate payment trust portal. This domain resolves to IP 185.246.190.216 and leverages a Let's Encrypt SSL certificate to appear credible. The site is designed to trick users into connecting crypto wallets under the false pretense of secure payment processing, enabling unauthorized fund transfers once wallet permissions are granted.  This domain was flagged with a VirusTotal detection rate of 0/95 engines at the time of analysis, indicating it remains undetected by most antivirus solutions despite its malicious intent. The domain is hosted on a bulletproof hosting provider and uses dynamic DNS through Let's Encrypt for rapid rotation and evasion. With no current blocklist presence and minimal detection, it represents a high-risk threat to users engaging in cryptocurrency transactions.  Users who visited c.gettrustpayment.live should immediately disconnect any connected crypto wallets, revoke any granted permissions via blockchain explorers, and scan devices with updated antivirus software. Report the domain to your browser’s safe browsing program and avoid interacting with any payment-related prompts on this site. Consider rotating wallet addresses and private keys if funds were exposed. Proactive monitoring for unauthorized transactions is strongly advised.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 185.246.190.216

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/c.gettrustpayment.live
- PhishDestroy: https://phishdestroy.io/domain/c.gettrustpayment.live/
- LLM endpoint: https://phishdestroy.io/domain/c.gettrustpayment.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/c.gettrustpayment.live/
Last updated: 2026-04-04