# radm.pages.dev — SUSPICIOUS

> PhishDestroy identifies radm.pages.dev as a crypto drainer phishing site with 0/95 VirusTotal detections. Avoid interacting immediately.

## Summary
PhishDestroy has flagged radm.pages.dev as a suspected crypto drainer domain currently under investigation for malicious activity. This fraudulent site mimics legitimate services to deceive users into connecting cryptocurrency wallets, where attackers can drain funds without consent. The page leverages Cloudflare’s infrastructure and a Google-issued SSL certificate to appear trustworthy, but technical analysis confirms red flags consistent with wallet-draining malware campaigns targeting crypto investors.  This domain was registered through Cloudflare, Inc. and first observed on the internet with a VirusTotal detection rate of 0 out of 95 security engines as of the latest scan. It resolves to IP address 172.66.44.241 and uses a Google Trust Services SSL certificate to enhance credibility. The absence of detections does not guarantee safety — such domains often fly under the radar until public reporting triggers analysis. Threat intelligence sources indicate this page may be part of a broader campaign distributing JavaScript-based wallet drainers, particularly targeting users of Ethereum, Solana, and other high-value blockchains.  If you visited radm.pages.dev or entered any information, disconnect your wallet immediately using the emergency disconnect feature in your wallet software. Revoke any suspicious token approvals via tools like revoke.cash or similar platforms. Scan your device with reputable antivirus software and avoid reusing wallet recovery phrases. Report the domain to PhishDestroy and your local cybercrime unit. Never reconnect your wallet to unfamiliar sites — always verify URLs through official channels before interacting.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.241

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/143b63b3-a9fd-48e1-ac2e-f194feda4656
- PhishDestroy: https://phishdestroy.io/domain/radm.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/radm.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/radm.pages.dev/
Last updated: 2026-03-21