# learn-trst-io-en.pages.dev — SUSPICIOUS > learn-trst-io-en.pages.dev is a crypto drainer phishing site flagged by 0/95 VirusTotal vendors. Avoid interacting to prevent fund loss. Check before you click. ## Summary learn-trst-io-en.pages.dev — Crypto Drainer Phishing Investigation Report PhishDestroy identifies learn-trst-io-en.pages.dev as an active crypto drainer phishing domain currently under investigation by cybersecurity analysts. The site is designed to deceive users into connecting cryptocurrency wallets under false pretenses, enabling unauthorized digital asset transfers. This threat is categorized as a crypto drainer, distinct from generic phishing due to its direct targeting of blockchain wallets and tokens. At this time, the domain remains active and is not yet flagged by major security vendors. Technical analysis reveals the domain was registered through Cloudflare, Inc., and resolves to IP address 188.114.96.3. The domain currently shows no detections on VirusTotal (0 out of 95 security vendors), indicating it has evaded immediate recognition by automated scanning tools. The SSL certificate is issued by Google Trust Services, which may contribute to a false sense of legitimacy. While the exact creation date is not provided, this domain leverages Cloudflare Pages hosting, a legitimate platform often abused by threat actors to rapidly deploy malicious sites. Further monitoring is required to assess its inclusion on blocklists or threat intelligence feeds. Given the high-risk nature of crypto drainer phishing campaigns, which can result in irreversible financial losses, users are strongly advised to avoid interacting with learn-trst-io-en.pages.dev. If you have accessed this domain, disconnect your wallet immediately and revoke any unauthorized permissions. To prevent exposure, verify domains using reputable threat intelligence platforms or browser-based security extensions before entering sensitive information. Organizations are encouraged to update browser blocklists and educate users on recognizing crypto drainer tactics, including urgent wallet connection requests and fraudulent token airdrop claims. The investigation remains ongoing, and additional indicators will be released as intelligence develops. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8d758850-720f-4d21-ab01-6a4337bc6ae1 - PhishDestroy: https://phishdestroy.io/domain/learn-trst-io-en.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/learn-trst-io-en.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/learn-trst-io-en.pages.dev/ Last updated: 2026-03-22