# trust-walletr.pages.dev — SUSPICIOUS

> Trust-walletr.pages.dev mimics Trust Wallet to deploy crypto drainers. VirusTotal flags 1/95 vendors. Avoid all interactions; block immediately.

## Summary
PhishDestroy identifies trust-walletr.pages.dev as an active brand-impersonation domain targeting Trust Wallet users. This fraudulent site masquerades as the legitimate Trust Wallet interface to trick victims into connecting their wallets and signing malicious transactions, classifying it as a crypto drainer with elevated risk. The domain leverages Cloudflare Pages for hosting, ensuring rapid take-down resistance while impersonating a major crypto custody brand.


Technical indicators confirm this domain’s malicious intent: VirusTotal’s analysis shows 1 out of 95 security vendors flagged the site. It resolves to IP address 172.66.46.234, a Cloudflare-operated endpoint. The domain operates under Cloudflare, Inc.’s registrar infrastructure and utilizes a Google Trust Services SSL certificate, increasing initial trust. These factors combine to create a sophisticated facade designed to bypass early detection by users and automated tools.


As of the latest assessment, trust-walletr.pages.dev remains active and unblocked by major browsers. Google Safe Browsing (GSB) has not yet flagged the domain, and no known takedown has occurred despite its clear malicious signature. Users must manually block access via hosts file or firewall rules using the IP 172.66.46.234 and domain name. Remaining risk is elevated due to active hosting, certificate legitimacy, and low initial detection rates. Exercise extreme caution when accessing wallet-related sites; always use official URLs (trustwallet.com) and verify SSL certificates before any interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Trust Wallet

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.234

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a24b71ee-56cb-4778-b3d1-fb6a23a34680
- PhishDestroy: https://phishdestroy.io/domain/trust-walletr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/trust-walletr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trust-walletr.pages.dev/
Last updated: 2026-03-23