# jitostaking.pages.dev — SUSPICIOUS

> jitostaking.pages.dev mimics Jito staking in a brand impersonation scheme. 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies jitostaking.pages.dev as an ACTIVE brand-impersonation phishing domain targeting the Jito cryptocurrency ecosystem. Its current risk level is UNDER_INVESTIGATION, indicating emerging but unconfirmed malicious intent as of seed e3884c.  This domain masquerades as the official Jito staking portal using Cloudflare’s Pages.dev hosting platform. VirusTotal analysis shows 0/95 endpoint detections (2024-06-05 snapshot), and the site is served from IP 188.114.97.3 via a Google Trust Services SSL certificate. The page uses Cloudflare, Inc. as registrar. The combination of zero antivirus flags, a fresh hosting stack, and a deliberately misleading subdomain pattern (jitostaking.pages.dev) indicates a cloaked landing page likely harvesting wallet credentials or seed phrases. The threat actor has selected Cloudflare’s free tier to obfuscate infrastructure while retaining high availability.  Mitigation against Jito-brand impersonation phishing involves verifying every URL against official Jito domains (jito.network, jito.org) and using hardware-wallet confirmation for any “staking” or “yield” prompts. Immediately block IP 188.114.97.3 at perimeter devices and disable *.pages.dev wildcard access for corporate endpoints. End users should bookmark only jito.network and reject any “Jito Staking” links arriving via email or social media.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Jito

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8c0d1aa6-1349-45f2-a376-950939793320
- PhishDestroy: https://phishdestroy.io/domain/jitostaking.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/jitostaking.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jitostaking.pages.dev/
Last updated: 2026-03-24