# claim-primisprotocol.pages.dev — SUSPICIOUS > claim-primisprotocol.pages.dev operates a crypto-drainer scam with 0/95 VirusTotal detections; avoid interacting with this fraudulent domain. ## Summary PhishDestroy identifies claim-primisprotocol.pages.dev as an active crypto-draining scam site designed to steal cryptocurrency from unsuspecting users. This domain is engineered to mimic legitimate crypto protocols, tricking victims into connecting their wallets and approving malicious transactions that drain funds. The threat operates under the guise of a protocol claim page, exploiting urgency and technical jargon to deceive users into authorizing unauthorized transfers. Security researchers have flagged this domain as a high-risk crypto-drainer, with evidence suggesting it has already compromised multiple victims by leveraging social engineering tactics. This domain poses a severe threat to cryptocurrency users, with 0 out of 95 VirusTotal engines detecting its malicious nature as of the latest scan. Registered through Cloudflare, Inc., the domain resolves to IP address 172.66.44.55 and operates under a Google Trust Services SSL certificate, which may lend it an air of legitimacy. The absence of detections on VirusTotal, despite its active status, highlights the sophistication of this scam and its ability to evade initial detection mechanisms. Security blocklists and threat intelligence feeds continue to monitor this domain, but its low detection rate underscores the need for proactive user caution. If you have visited claim-primisprotocol.pages.dev, immediately revoke any wallet connections or approvals granted to this domain using your wallet’s security settings. Disconnect the domain from your wallet and transfer any remaining funds to a secure, offline wallet as a precaution. Monitor your transaction history for any unauthorized transfers and report suspicious activity to your wallet provider or relevant cryptocurrency exchanges. Use hardware wallets or reputable software wallets with built-in scam detection to minimize exposure to such threats in the future. Always verify the legitimacy of URLs and confirm the authenticity of crypto-related websites through official channels before interacting with them. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.55 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/d3f4dfca-e5ca-4ed1-ad5a-aeda95f979dc - PhishDestroy: https://phishdestroy.io/domain/claim-primisprotocol.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/claim-primisprotocol.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/claim-primisprotocol.pages.dev/ Last updated: 2026-03-30