# gems36500.vip — SUSPICIOUS

> Site gems36500.vip is a live crypto drainer luring victims with fake gems giveaways; block immediately and verify on PhishDestroy.

## Summary
PhishDestroy identifies gems36500.vip as an ACTIVE crypto-draining scam page harvesting wallet credentials and tokens under the guise of a gems giveaway. The site poses an immediate financial risk to visitors who connect wallets or enter seed phrases. This domain is currently under investigation and remains unblocked by most vendors.

This domain was flagged by PhishDestroy on September 02, 2024; VirusTotal shows 0 detections out of 95 engines, the registrar is GoDaddy.com, LLC, and the hosting IP is 18.245.86.78 (Amazon AWS). The SSL certificate issued is valid and signed by Amazon, suggesting active infrastructure rather than hastily abandoned fronts. Historical data indicates no prior inclusion on major blocklists such as PhishTank or OpenPhish, leaving a dangerous exposure window for potential victims.

Users must immediately cease interaction with gems36500.vip and revoke any connected wallet permissions using tools like revoke.cash. Never enter seed phrases or private keys on any site claiming to offer free gems or airdrops. If you visited or interacted, disconnect wallets, check transaction histories for unauthorized transfers, and report the domain to PhishDestroy for verification. Always verify unknown domains against PhishDestroy’s real-time blocklist before any wallet connection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-09-02 05:43:07
- Registrar: GoDaddy.com, LLC
- IP: 18.245.86.78

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f269c4fc-0a75-4759-9c78-8fe446349ee1
- PhishDestroy: https://phishdestroy.io/domain/gems36500.vip/
- LLM endpoint: https://phishdestroy.io/domain/gems36500.vip/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gems36500.vip/
Last updated: 2026-03-24