# payment.ads-program-agency.com — MALICIOUS > Beware: payment.ads-program-agency.com is a crypto drainer impersonating Ads Program Agency. Flagged by 9 of 95 VirusTotal vendors. ## Summary PhishDestroy identifies payment.ads-program-agency.com as an active crypto drainer posing as Ads Program Agency, currently flagged by security vendors. The domain was created on March 20, 2026, and is registered through Gransy, s.r.o. It resolves to IP 104.21.68.135 and has been flagged by 9 of 95 VirusTotal vendors, indicating elevated risk. This domain exhibits multiple red flags, including a recently acquired SSL certificate from Let's Encrypt, a low trust score from security vendors, and a high-risk IP address. The domain's recent creation date (March 20, 2026) is highly suspicious, as threat actors often register new domains to evade detection. The presence of a crypto drainer suggests that users who interact with this site may unknowingly transfer cryptocurrency to attacker-controlled wallets. The domain's low detection rate (9/95) implies that many security tools have not yet flagged it, increasing the risk of successful exploitation. Currently, payment.ads-program-agency.com remains active and poses a significant threat to unsuspecting users. PhishDestroy strongly recommends avoiding interaction with this domain and verifying its safety using the PhishDestroy tool. Users who have already visited this site should immediately check their cryptocurrency wallets for unauthorized transactions and revoke any suspicious approvals. Additionally, report this domain to PhishDestroy to help protect others from falling victim to this crypto drainer. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-20 03:07:02 - Registrar: Gransy, s.r.o. - IP: 104.21.68.135 ## Detection Status - VirusTotal: 9 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/cc286f5e-9af9-4901-9b04-801886a7315e - PhishDestroy: https://phishdestroy.io/domain/payment.ads-program-agency.com/ - LLM endpoint: https://phishdestroy.io/domain/payment.ads-program-agency.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/payment.ads-program-agency.com/ Last updated: 2026-03-22