# r.gettrustpayment.live — SUSPICIOUS

> PhishDestroy identifies r.gettrustpayment.live as a crypto drainer phishing site. Avoid entering crypto wallet details.

## Summary
PhishDestroy flags r.gettrustpayment.live with an active crypto drainer threat, designed to steal cryptocurrency wallet credentials or directly drain funds. The domain employs deceptive tactics to impersonate legitimate payment services, tricking users into submitting sensitive wallet information or approving malicious transactions. Users should treat this domain with extreme caution and avoid any interaction involving digital assets.  r.gettrustpayment.live was analyzed with 0/95 VirusTotal detections, resolving to IP 185.246.190.216 using a Let's Encrypt SSL certificate. The domain is associated with a generic top-level domain (.live) and has not yet been listed on major blocklists or threat intelligence feeds. While its creation date and registrar details remain unverified in public sources, the absence of detections suggests this threat may be newly deployed or evolving in sophistication.  To mitigate risk, users should never enter wallet credentials or approve transactions on this domain. Verify the legitimacy of any payment-related site by cross-checking official channels or using PhishDestroy’s real-time threat lookup. If exposed, revoke any approved wallet connections immediately and transfer remaining funds to a secure wallet. Always use hardware wallets for critical transactions and enable multi-factor authentication where possible.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 185.246.190.216

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/r.gettrustpayment.live
- PhishDestroy: https://phishdestroy.io/domain/r.gettrustpayment.live/
- LLM endpoint: https://phishdestroy.io/domain/r.gettrustpayment.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/r.gettrustpayment.live/
Last updated: 2026-04-04