# kisok-cf-pages.pages.dev — SUSPICIOUS

> kisok-cf-pages.pages.dev operates a crypto-draining phishing kit detected by PhishDestroy. With 0/95 VirusTotal scans flagging it yet, treat this.

## Summary
kisok-cf-pages.pages.dev is a live Cloudflare Pages domain currently serving a generic phishing payload designed for credential theft; no brand or drainer kit specifics have been extracted so far.

Technical indicators include 0 VirusTotal detections out of 95 scans, registration through Cloudflare, Inc., resolution to IP 188.114.97.3, and issuance of an SSL certificate by Google Trust Services. The domain status remains under investigation with no publicly reported blocklist inclusions or Google Safe Browsing (GSB) categorization at this time.

Current status is active and unflagged across major security stacks, presenting a latent risk for unsuspecting visitors. Immediate blocking of 188.114.97.3 and kisok-cf-pages.pages.dev is advised; users should avoid interaction and report any sightings to their SOC for ingestion into detection rules.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/33687ad2-5382-4e58-accc-ca2ff2e7b2d7
- PhishDestroy: https://phishdestroy.io/domain/kisok-cf-pages.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/kisok-cf-pages.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kisok-cf-pages.pages.dev/
Last updated: 2026-03-25