# getrewardswithtiktokgamestester.pages.dev — SUSPICIOUS > PhishDestroy identifies getrewardswithtiktokgamestester.pages.dev as a TikTok-themed phishing lure hosted on Cloudflare Pages. VirusTotal shows 0/95 detections. ## Summary PhishDestroy identifies getrewardswithtiktokgamestester.pages.dev as an active phishing domain masquerading as a reward program to harvest TikTok user credentials. The lure mimics legitimate gaming-reward lures, urging victims to ‘test games’ while exfiltrating login details through spoofed OAuth flows. Threat actors seed TikTok comment threads and DMs with shortened URLs pointing to this Cloudflare Pages site, bypassing some spam filters via Cloudflare’s IPFS-like hosting (172.66.44.220). The domain’s Google Trust Services SSL certificate further enhances its ‘trustworthy’ appearance, increasing click-through rates among unsuspecting users seeking quick in-game rewards. This domain represents a targeted blend of platform-based social engineering and low-cost hosting to maximize reach and minimize takedown friction. This domain was flagged by PhishDestroy with risk status ‘active’ and under investigation. VirusTotal analysis shows zero detections (0/95 engines) as of seed 5a1c8b, indicating minimal signature coverage. The domain resolves to IP 172.66.44.220 and is registered through Cloudflare, Inc., leveraging Pages for rapid deployment and geographic dispersion. While no third-party blocklists currently list it, the absence of detections does not imply safety—especially given the highly targeted nature of the lure and the domain's recent creation through Cloudflare’s automated infrastructure. If you visited getrewardswithtiktokgamestester.pages.dev, immediately rotate your TikTok password and enable two-factor authentication. Revoke any OAuth tokens granted to suspicious apps linked to this domain. Report the site to TikTok’s Trust & Safety team and PhishDestroy using the unique seed 5a1c8b. Avoid clicking on shortened TikTok links promising ‘free rewards’ or ‘game tester opportunities’—these are commonly weaponized to deliver credential-harvesting pages. Monitor your account for unusual login activity and check connected apps in TikTok’s settings for unauthorized access. Stay vigilant: even domains with clean scans and valid SSL certificates can be malicious if the lure is socially engineered for urgency and reward anticipation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.220 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/11e11558-4b1d-4574-935e-078d05bb166d - PhishDestroy: https://phishdestroy.io/domain/getrewardswithtiktokgamestester.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/getrewardswithtiktokgamestester.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/getrewardswithtiktokgamestester.pages.dev/ Last updated: 2026-03-28