# trun-live-wallet.pages.dev — SUSPICIOUS

> PhishDestroy warns: trun-live-wallet.pages.dev is a live crypto drainer with 0/95 VirusTotal detections. Verify URLs before engaging to protect assets.

## Summary
PhishDestroy identifies trun-live-wallet.pages.dev as an active crypto drainer domain currently under investigation for malicious activity. This Pages.dev-hosted site is designed to intercept and steal cryptocurrency transactions, posing significant risk to users who interact with its wallet interfaces or transaction prompts. The domain leverages Pages.dev's infrastructure while operating under Cloudflare's CDN, making it harder to trace the true origin of the threat.  This domain was flagged with 0 detections out of 95 VirusTotal scans, indicating it has evaded automated detection systems to date. Registered through Cloudflare, Inc., the site holds a Google Trust Services SSL certificate, which may lend false legitimacy to users. The domain resolves to IP address 172.66.46.223, a Cloudflare IP that obscures the actual hosting location. The seed identifier 901b56 confirms this as a unique tracking instance of this threat.  Users who have visited trun-live-wallet.pages.dev should immediately cease any cryptocurrency transactions through this domain. Clear browser cache and cookies related to crypto wallets or exchanges, and consider revoking any permissions granted to wallet connection prompts. Run a full malware scan on your device and monitor blockchain transactions for unauthorized transfers. Report any suspicious activity to PhishDestroy using the unique seed 901b56 for tracking and investigation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.223

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/trun-live-wallet.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/trun-live-wallet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/trun-live-wallet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trun-live-wallet.pages.dev/
Last updated: 2026-04-04