# io-phomtqe-walet.pages.dev — SUSPICIOUS

> io-phomtqe-walet.pages.dev is a crypto drainer impersonating a digital wallet service. Verify safety on PhishDestroy before interacting — 0/95 VirusTotal.

## Summary
PhishDestroy identifies io-phomtqe-walet.pages.dev as a suspicious domain linked to a generic phishing campaign, specifically a cryptocurrency drainer kit targeting unsuspecting users. This domain mimics legitimate wallet interfaces to siphon digital assets from victims. The threat involves deceptive prompts to connect crypto wallets, leading to unauthorized fund transfers under the guise of legitimate transactions. No specific brand impersonation has been confirmed, but the UI and onboarding flow closely resemble known wallet drainer toolkits.  

This domain was flagged with a VirusTotal detection rate of 0 out of 95 scan engines as of the latest analysis, indicating it remains largely undetected by mainstream security tools. It resolves to IP address 188.114.97.3 and is hosted via Cloudflare, Inc., which is commonly used to obscure malicious infrastructure. The domain uses a valid SSL certificate issued by Google Trust Services, further enhancing its credibility to potential victims. While the creation date and Google Safe Browsing (GSB) blocklist status are not provided, the absence of detections suggests it is a recently deployed or opportunistic campaign with low forensic visibility.  

The domain is currently active and under investigation by PhishDestroy’s threat intelligence team. Immediate defensive actions include sandboxing the domain, analyzing traffic patterns, and monitoring associated blockchain addresses for illicit fund movement. Although the risk level is marked as under investigation, users are strongly advised to avoid interaction and verify domain safety on PhishDestroy before accessing. Remaining risk is considered moderate due to low detection coverage and the use of evasive infrastructure, warranting heightened caution in blockchain-related contexts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7466ee98-3094-445d-9d61-5a6a1c52ba84
- PhishDestroy: https://phishdestroy.io/domain/io-phomtqe-walet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/io-phomtqe-walet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/io-phomtqe-walet.pages.dev/
Last updated: 2026-03-22