# jitonetworks.pages.dev — SUSPICIOUS > WARNING: jitonetworks.pages.dev is a fake Jito-branded crypto drainer with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies jitonetworks.pages.dev as an active brand impersonation domain mimicking Jito, a Solana-based liquid staking protocol. This malicious page is currently under investigation for deploying a crypto drainer kit designed to syphon funds from unsuspecting users interacting with fraudulent login or transaction interfaces. The page leverages Cloudflare Pages for hosting, evading immediate detection while targeting Jito’s user base with spoofed branding to deceive visitors into authorizing fraudulent transactions. PhishDestroy categorizes this threat as a high-risk drainer due to its operational status and potential to inflict financial harm. This domain resolves to IP 172.66.44.232 and is registered through Cloudflare, Inc., obscuring its true origin while benefiting from Cloudflare’s SSL infrastructure via Google Trust Services. VirusTotal currently flags this domain with a 0/95 detection ratio as of the latest scan, indicating it remains undetected by most antivirus engines. The domain was registered recently and has not yet been blocked by Google Safe Browsing or other major threat intelligence platforms, with no reported entries across known blocklists. The absence of detections suggests either its recent deployment or the use of evasion techniques to bypass initial scans. Technical analysis confirms the use of a crypto drainer kit, as evidenced by its structure and interactions with Solana wallet connectors, which are typical of such scams. The domain is categorized as ‘active’ with a risk level of ‘under_investigation,’ meaning its full operational scope and impact are still being assessed. PhishDestroy has flagged this domain for immediate user verification and removal, urging security researchers to monitor for updates as further intelligence is gathered. While the current risk is high due to the drainer kit’s presence, the lack of widespread detections and institutional blocking leaves users vulnerable. Safety guidance includes avoiding interaction with the domain, verifying URLs via PhishDestroy or trusted threat feeds, and reporting any suspicious wallet connections or transactions to relevant cybersecurity communities. Users are advised to check their transaction histories and revoke any unauthorized wallet approvals if exposed to this domain. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Jito ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.232 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/9f8e7045-6989-47af-a4fd-47dfdabb22dc - PhishDestroy: https://phishdestroy.io/domain/jitonetworks.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/jitonetworks.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/jitonetworks.pages.dev/ Last updated: 2026-03-22