# hello-business-wkv7-0aan.pages.dev — MALICIOUS

> Warning: The domain hello-business-wkv7-0aan.pages.dev is linked to high-risk phishing activity and is currently offline. Avoid interaction to stay safe.

## Summary
PhishDestroy identifies hello-business-wkv7-0aan.pages.dev as a high-risk generic phishing domain. This domain was created recently on March 09, 2026, and was flagged for suspicious activity related to credential phishing attempts. The page title detected was "Suspected phishing site | Cloudflare," which aligns with its malicious intent to deceive users and potentially steal sensitive information.

The domain was registered through Cloudflare, Inc., and resolved to the IP address 188.114.97.3 at the time of investigation. It appears on one security blocklist, indicating recognized malicious behavior by threat intelligence providers. VirusTotal analysis shows that 16 out of 95 security vendors flagged this domain for phishing or associated threats. The domain utilized Cloudflare's pages.dev platform, which is often exploited by attackers for rapid deployment of fraudulent sites.

Currently, hello-business-wkv7-0aan.pages.dev is offline, likely due to takedown actions following detection. Users are strongly advised to avoid any interaction with this domain or links pointing to it. Organizations should ensure their security solutions block this domain and monitor for similar patterns to prevent credential compromise. Continuous vigilance and prompt response remain essential to mitigate risks posed by such rapidly emerging phishing domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-09 01:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: cris.ns.cloudflare.com poppy.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "DNS8", "ESET", "Emsisoft", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "MalwareURL", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ccffb-93bb-7522-b4e5-7500b48a9128.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/43fc1215-ae99-4bef-b289-472c9d17027b
- Wayback Machine: https://web.archive.org/web/https://hello-business-wkv7-0aan.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/hello-business-wkv7-0aan.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/hello-business-wkv7-0aan.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hello-business-wkv7-0aan.pages.dev/
Last updated: 2026-03-19