# io-phomts-wallets.pages.dev — MALICIOUS

> Discover why io-phomts-wallets.pages.dev is flagged for crypto draining and what steps to take to protect your digital assets.

## Summary
PhishDestroy identifies io-phomts-wallets.pages.dev as a high-risk crypto drainer domain designed to steal cryptocurrency assets by tricking users into compromising their wallets. Crypto drainers are particularly dangerous because they can silently transfer funds without user consent, leading to irreversible financial loss. This threat is critical given the rise of decentralized finance and digital wallets, where users may not detect malicious activity until it's too late.

The domain was registered recently on February 21, 2026, and is hosted on Cloudflare's infrastructure, which is commonly abused for both legitimate and malicious purposes. It has been flagged by multiple security vendors and appears on several security blocklists. Google Safe Browsing classifies it under social engineering threats, indicating attempts to deceive users, potentially through phishing or fraudulent wallet interfaces. Currently, the domain is offline, which may limit immediate risk but does not eliminate danger from related or copycat domains.

Users are strongly advised to avoid interacting with io-phomts-wallets.pages.dev or any suspicious wallet-related URLs. Always verify wallet addresses independently and use trusted, official wallet applications. Enable multi-factor authentication and consider hardware wallets for enhanced security. Stay informed by monitoring updates from reputable security sources like PhishDestroy to prevent falling victim to similar crypto draining scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.45.18
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["cruz.ns.cloudflare.com", "edward.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ad176-7c85-710a-9c96-b1d1bfe4b7ab.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4549d687-92da-4411-82f6-1b6feb092260
- PhishDestroy: https://phishdestroy.io/domain/io-phomts-wallets.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/io-phomts-wallets.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/io-phomts-wallets.pages.dev/
Last updated: 2026-03-19