# radiant-haven-7om.pages.dev — MALICIOUS

> radiant-haven-7om.pages.dev is a high-risk phishing domain now offline. Stay alert and avoid interactions. Learn more to protect yourself.

## Summary
PhishDestroy identifies radiant-haven-7om.pages.dev as a high-risk generic phishing domain. The threat is significant due to its purpose of deceiving users into divulging sensitive information, which could lead to identity theft or financial loss. This classification warrants heightened caution and immediate attention from security professionals and users alike.

Supporting evidence includes the domain’s registration date on September 2, 2020, and its hosting through Cloudflare, Inc., which is often used by threat actors to mask infrastructure details. VirusTotal data indicates that 14 out of 95 security vendors flagged this domain, underscoring its malicious nature. Additionally, the domain appears on at least one known security blocklist and resolves to IP address 172.66.45.9. The page title recorded was "Suspected phishing site | Cloudflare," reflecting its compromised reputation and confirmed intent.

Currently, the domain has been taken offline, mitigating ongoing risk from this specific threat. Users and administrators are advised to remain vigilant, avoid any communication or data entry on suspicious domains, and maintain updated security solutions. Continued monitoring of associated infrastructure and related domains is recommended to prevent recurrence or collateral risks linked to this phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2020-09-02 02:33:29
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.45.9
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["adi.ns.cloudflare.com", "karl.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ad807-b07b-727a-a1ac-0187bbf331e5.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/03cd242b-4546-4aa0-8076-249f09a45a1b
- PhishDestroy: https://phishdestroy.io/domain/radiant-haven-7om.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/radiant-haven-7om.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/radiant-haven-7om.pages.dev/
Last updated: 2026-03-19