# doc-krack-faq.pages.dev — MALICIOUS

> doc-krack-faq.pages.dev is flagged for phishing risks and social engineering. Avoid interaction and verify before access. Stay protected today.

## Summary
PhishDestroy identifies doc-krack-faq.pages.dev as a high-risk domain engaged in generic phishing activities. The site aims to deceive users by masquerading legitimate content to steal sensitive information, as indicated by its classification under SOCIAL_ENGINEERING by Google Safe Browsing. This domain poses a significant threat to user security and privacy.

Technical analysis reveals that doc-krack-faq.pages.dev was registered recently on February 21, 2026, through Cloudflare, Inc., and resolves to IP address 172.66.46.246. It has been flagged by 13 out of 95 security vendors on VirusTotal and appears on three separate security blocklists. The page title returned is a Cloudflare warning indicating a suspected phishing site, which corroborates the malicious nature of this domain.

Currently, the domain is taken offline to prevent further harm. Users are strongly advised to avoid interacting with this domain or any related links. Organizations should implement domain blocking and update phishing filters accordingly. Continuous monitoring is recommended to detect any future attempts to reactivate or clone the site. Maintaining awareness and caution remains crucial to mitigate risks associated with emerging phishing threats like this.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.246
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["diana.ns.cloudflare.com", "aaron.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019abac0-aabb-77ca-9e7d-e8a987bc3792.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/c84adb5f-a9b4-4da4-9997-c21926cfd89f
- PhishDestroy: https://phishdestroy.io/domain/doc-krack-faq.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/doc-krack-faq.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/doc-krack-faq.pages.dev/
Last updated: 2026-03-19