# sparrowwallets.pages.dev — SUSPICIOUS

> Beware sparrowwallets.pages.dev—a crypto drainer exploiting Cloudflare infrastructure. Flagged by 0 of 95 VirusTotal vendors, it resolves to 188.114.97.3.

## Summary
PhishDestroy identifies sparrowwallets.pages.dev as an active crypto drainer targeting cryptocurrency users under investigation since seed 0eba3b.

This domain employs advanced evasion techniques, currently flagged by zero of 95 VirusTotal vendors despite resolving to IP 188.114.97.3 via Cloudflare, Inc. Its SSL certificate is issued by Google Trust Services, suggesting a calculated effort to mimic legitimacy. While no detections exist on VirusTotal, the absence of flags does not equate to safety, as newer crypto drainers often bypass initial scans through dynamic infrastructure and obfuscated payloads.

The threat level remains under investigation due to limited historical telemetry and the domain's recent deployment cycle. However, indicators such as the use of a Google-validated SSL certificate and Cloudflare's proxy layer are classic hallmarks of nefarious infrastructure designed to evade detection and prolong operational lifespan. Users who have interacted with this domain—especially in the context of cryptocurrency transactions—are strongly advised to revoke any connected wallet permissions, transfer remaining assets to a cold wallet, and perform a full system scan using reputable cybersecurity tools. Additionally, network administrators should consider blocking this domain and its associated IP at the firewall level to prevent further propagation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/08fb5bae-80d2-4afe-8720-ea4b6e27666c
- PhishDestroy: https://phishdestroy.io/domain/sparrowwallets.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sparrowwallets.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sparrowwallets.pages.dev/
Last updated: 2026-03-25