# meta-helon-dryva-kino.pages.dev — MALICIOUS

> Warning: meta-helon-dryva-kino.pages.dev is flagged for phishing and poses a high risk. Avoid interaction; domain is currently offline.

## Summary
PhishDestroy identifies meta-helon-dryva-kino.pages.dev as a high-risk phishing domain. The site was designed to deceive users into revealing sensitive information, categorizing it under generic phishing threats. Due to its malicious intent, users are strongly advised to avoid engaging with this domain to protect personal data and credentials.

Supporting evidence includes detection by 14 out of 95 security vendors on VirusTotal and its presence on two separate security blocklists, underscoring its malicious nature. The domain was registered through Cloudflare, Inc., a common registrar used by both legitimate and fraudulent actors. Notably, the domain was created on February 21, 2026, indicating recent activity consistent with emerging phishing campaigns.

Currently, meta-helon-dryva-kino.pages.dev has been taken offline, limiting its ability to cause harm. Users should maintain caution and avoid attempts to access or interact with this domain or any related URLs. Employing updated security software and consulting resources like PhishDestroy can help users stay protected from similar threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.182
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["nikon.ns.cloudflare.com", "stephane.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b915b-c977-76fb-b07f-0eb01fcd377f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f82d95ef-d464-4b2c-aafd-40f19cfe54c9
- PhishDestroy: https://phishdestroy.io/domain/meta-helon-dryva-kino.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/meta-helon-dryva-kino.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/meta-helon-dryva-kino.pages.dev/
Last updated: 2026-03-19