# driftdaov.pages.dev — MALICIOUS

> Stay safe from phishing threats linked to driftdaov.pages.dev. Avoid this site and verify before sharing personal info online.

## Summary
PhishDestroy identifies driftdaov.pages.dev as a high-risk phishing domain primarily used for generic phishing attacks. The domain exhibits behavior aimed at deceiving users into divulging sensitive information, presenting a significant risk to personal and organizational security.

This domain was registered recently on March 4, 2026, through Cloudflare, Inc., and has been flagged on three separate security blocklists. VirusTotal analysis indicates that 11 out of 95 security vendors detect malicious activity associated with this domain. Additionally, Google Safe Browsing classifies driftdaov.pages.dev under "SOCIAL_ENGINEERING," further confirming its use in phishing schemes. The domain resolves to IP address 172.66.47.18 and currently displays a Cloudflare warning page indicating suspected phishing.

PhishDestroy notes that driftdaov.pages.dev is currently offline and inaccessible, mitigating immediate risks. Users are strongly advised to avoid interacting with this domain or clicking any links associated with it. To protect themselves, users should rely on reputable security tools, keep software updated, and verify URLs before entering any credentials. Organizations should update their blocking policies to include this domain to prevent potential exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-04 13:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.18
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: lou.ns.cloudflare.com meg.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Phishing Database", "Sophos"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb8f9-aa93-7577-b585-ff644c23c88f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4f77f518-438f-4b3f-a395-130dac1c257e
- Wayback Machine: https://web.archive.org/web/https://driftdaov.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/driftdaov.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/driftdaov.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/driftdaov.pages.dev/
Last updated: 2026-03-19