# jurassic-spark.pages.dev — SUSPICIOUS

> Jurassic-Spark.pages.dev is a confirmed crypto drainer site with 0/95 VirusTotal detections. Check the full report for IOCs and safety guidance.

## Summary
PhishDestroy identifies jurassic-spark.pages.dev as an active cryptocurrency drainer domain currently under investigation for generic phishing operations. The site masquerades through a Cloudflare Pages deployment, leveraging the 'jurassic-spark' subdomain to mimic legitimate blockchain or NFT-related services. No specific brand or drainer kit fingerprint has been extracted from open sources; however, the infrastructure aligns with known phishing-as-a-service toolkits that facilitate wallet drainers via deceptive transaction prompts. The domain's landing page remains active, indicating ongoing lure campaigns targeting crypto users through social engineering and impersonation tactics.  

This domain resolves to Internet Protocol 172.66.44.159 and is secured with a Let’s Encrypt SSL certificate, likely to enhance perceived trustworthiness. As of the latest scan, jurassic-spark.pages.dev returned a VirusTotal detection score of 0 out of 95, showing no proactive blocking by mainstream AV engines. Registered through Cloudflare, Inc., the domain benefits from Cloudflare’s proxy and caching layers, complicating takedown and geolocation efforts. The infrastructure footprint remains minimal, with no publicly documented creation date or Google Safe Browsing (GSB) listing. Blocklist aggregators have not yet flagged the domain, leaving a critical window for further exploitation.  

The threat status is marked 'active,' with no takedown or remediation action confirmed at this time. Security researchers are advised to monitor this domain closely and integrate its indicators into enterprise blocklists. While the immediate risk remains moderate due to low AV detection, the lack of proactive blocking increases exposure for cryptocurrency holders and NFT collectors. Users are urged to verify URLs via dedicated threat intelligence platforms and avoid interacting with unsolicited links promising 'exclusive' digital assets or 'airdrops.' Continued monitoring is essential, as this domain may evolve or pivot to new infrastructure as detection improves. Remaining risk: elevated, pending further intelligence and enforcement action.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.159

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/19096676-5a9f-43a1-8ec8-57ee643021e9
- PhishDestroy: https://phishdestroy.io/domain/jurassic-spark.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/jurassic-spark.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jurassic-spark.pages.dev/
Last updated: 2026-03-30