# taopad-io.pages.dev — SUSPICIOUS > PhishDestroy identifies taopad-io.pages.dev hosting a fake crypto wallet drainer kit. VirusTotal score 0/95. Act immediately to block this active threat. ## Summary PhishDestroy has identified an active generic phishing domain, taopad-io.pages.dev, currently under investigation as a potential crypto drainer deployment. The domain mimics legitimate crypto wallet services, likely targeting cryptocurrency holders with deceptive login or transaction prompts. No specific brand has been confirmed at this stage, but the infrastructure setup suggests a drainer kit may be in use, designed to silently transfer victim funds to attacker-controlled wallets. This domain resolves to IP address 188.114.97.3 and leverages Cloudflare’s Pages.dev service for hosting. Registered through Cloudflare, Inc., it holds a legitimate Google Trust Services SSL certificate, likely to enhance credibility. VirusTotal currently shows 0/95 detection engines flagging the domain, leaving it unblocked by most security tools. The domain was recently created and remains unlisted on Google Safe Browsing (GSB) as of this report. As of the latest assessment, taopad-io.pages.dev remains active and unresolved. Users and organizations are advised to block both the domain and associated IP address immediately. Security teams should monitor for related IOCs and update threat intelligence feeds. While the immediate risk is elevated due to low detection coverage, the absence of confirmed brand abuse or active campaigns targeting specific entities lowers the risk rating to 'under_investigation'. Continued vigilance and proactive blocking are recommended. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/ca00b879-2627-4948-a910-1e0db1fe5602 - PhishDestroy: https://phishdestroy.io/domain/taopad-io.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/taopad-io.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/taopad-io.pages.dev/ Last updated: 2026-03-24