# blur-nft.pages.dev — SUSPICIOUS

> blur-nft.pages.dev is a brand impersonation scam impersonating Blur with 0/95 VirusTotal detections. Avoid entering sensitive data. Check before you click.

## Summary
PhishDestroy identifies blur-nft.pages.dev as a live brand impersonation domain targeting the Blur NFT marketplace. The domain is currently flagged as 'active' in PhishDestroy's threat database, indicating ongoing misuse for deceptive purposes. This represents a credible risk to users who may confuse the malicious site with the legitimate Blur platform, potentially exposing them to credential theft or cryptocurrency drainer attacks. Immediate caution is advised.

This domain was flagged with high confidence based on multiple technical indicators. VirusTotal currently returns 0 detections out of 95 vendors, suggesting low signature-based detection despite its malicious intent. It is registered through Cloudflare, Inc., resolving to IP address 188.114.96.3 via Google Trust Services SSL certificates. No historical blocklist records were found, and no trust scores are publicly available from major threat intelligence platforms. The absence of detections does not imply safety—this domain is under active investigation and exhibits clear signs of malicious branding with zero current detection coverage.

As of this report, blur-nft.pages.dev remains active and unblocked by mainstream security tools. Users are strongly advised not to interact with this domain or any links associated with it. Security teams should block the domain and IP at the network level using DNS filtering and firewall rules. Organizations are recommended to update threat intelligence feeds and educate users about verifying domain authenticity, especially when transacting with NFT platforms. This domain will be re-evaluated as additional threat intelligence emerges from ongoing monitoring.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Blur

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9bcfb54c-9096-4dea-a533-4ae29e6372d3
- PhishDestroy: https://phishdestroy.io/domain/blur-nft.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/blur-nft.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/blur-nft.pages.dev/
Last updated: 2026-03-27