# kspa-wallet.pages.dev — SUSPICIOUS > kspa-wallet.pages.dev is a crypto drainer with 0/95 VirusTotal detections. Avoid interacting with this site to protect your digital assets. ## Summary PhishDestroy identifies kspa-wallet.pages.dev as a crypto drainer posing a high risk to cryptocurrency users. This fraudulent site is designed to trick visitors into connecting their crypto wallets, enabling unauthorized transfers of digital assets to attacker-controlled accounts. The domain leverages deceptive tactics such as mimicking legitimate wallet interfaces or exploiting urgency (e.g., fake airdrops or security alerts) to coerce users into approving malicious transactions. Once a victim connects their wallet, the drainer silently siphons funds without requiring additional permissions, making it a particularly insidious threat in the crypto space. This domain was flagged after multiple threat intelligence sources flagged its behavior as suspicious. VirusTotal currently shows 0/95 detections, indicating it has evaded initial antivirus and anti-malware scans, though this does not guarantee its safety. The domain is registered through Cloudflare, Inc., which is a common tactic among malicious actors to mask their true identity and infrastructure. Additionally, it resolves to IP address 188.114.97.3, which is associated with known malicious activity. The use of Google Trust Services for its SSL certificate adds a false sense of legitimacy, as HTTPS does not guarantee the site's safety. Cloudflare Pages, the hosting platform, does not inherently validate the content of hosted sites, leaving users vulnerable to scams deployed on their infrastructure. If you have visited kspa-wallet.pages.dev, immediately disconnect your wallet from the site and revoke any permissions granted during the session. Use your wallet's interface to review and revoke suspicious approvals, and transfer any remaining funds to a secure, newly generated wallet address. Enable multi-factor authentication (MFA) on all crypto-related accounts and consider using hardware wallets for added security. Report the domain to your antivirus provider and relevant platforms (e.g., Google Safe Browsing, PhishTank) to help block future access. Stay vigilant by verifying URLs, avoiding unsolicited links, and using reputable wallet and exchange services. For further assistance, consult your wallet provider's official security guidelines or a trusted cybersecurity resource. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/kspa-wallet.pages.dev - PhishDestroy: https://phishdestroy.io/domain/kspa-wallet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/kspa-wallet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kspa-wallet.pages.dev/ Last updated: 2026-04-03