# xn--trsortradevia-chb.com — MALICIOUS > xn--trsortradevia-chb.com is a crypto drainer impersonating a trading brand, detected by 19/95 VirusTotal scanners. Act now to block access. ## Summary Is xn--trsortradevia-chb.com safe? PhishDestroy identifies this domain as an active crypto drainer impersonating a legitimate trading platform with a Unicode homograph attack. The domain resolves to 91.236.116.210 and uses the visually similar trésortradevia.com title to deceive victims into connecting crypto wallets or entering credentials. No known drainer kit signature has been confirmed, but the threat follows established patterns of blocklisted domains engaging in cryptocurrency theft through fake trading interfaces. This domain was flagged with a high-risk status by PhishDestroy, supported by 19 out of 95 VirusTotal security vendors, and has been listed on 3 prominent blocklists including PhishingArmy, OISD, and CERT-PL. The domain was registered on October 31, 2025, through MainReg Inc., and resolves to the Russian IP address 91.236.116.210. Google Safe Browsing (GSB) has not yet flagged this domain, suggesting a recent deployment window. These technical indicators point to a newly active threat designed for short-term credential theft and cryptocurrency draining operations. As of now, xn--trsortradevia-chb.com remains active and poses an immediate risk to users who may interact with it. Immediate actions include blocking the domain at the network level, reporting the IP to hosting providers, and updating endpoint security rules to detect inbound connections. Users should avoid accessing this domain and verify any trading links through official, validated sources. While GSB coverage is currently absent, proactive blocking is essential to prevent wallet drain attacks. Remaining risk is high due to active deployment and low time-in-market, allowing evasion of slower blocklists. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Page title: trésortradevia.com ## Domain Intelligence - Registered: 2025-10-31 15:48:02 - Registrar: MainReg Inc. - IP: 91.236.116.210 ## Detection Status - VirusTotal: 19 vendors flagged - Google Safe Browsing: clean - Blocklists: 3 hits Lists: ["PhishingArmy", "OISD", "CERT-PL"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/xn--trsortradevia-chb.com - PhishDestroy: https://phishdestroy.io/domain/xn--trsortradevia-chb.com/ - LLM endpoint: https://phishdestroy.io/domain/xn--trsortradevia-chb.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/xn--trsortradevia-chb.com/ Last updated: 2026-04-10