# rp66ad7.com — SUSPICIOUS

> rp66ad7.com is a live phishing domain impersonating a login portal. Hosted on 172.67.132.58, it has 0/95 VirusTotal detections and was created January 12, 2026.

## Summary
PhishDestroy identifies rp66ad7.com as an active generic phishing domain under investigation for impersonation of a login or authentication portal. This domain poses a direct credential theft risk to visitors who enter sensitive login information, potentially exposing users to account takeovers and downstream fraud. The site is currently unflagged across multiple detection engines, making it a stealthy threat requiring immediate attention from domain blockers and enterprise security teams.  rp66ad7.com resolves to IP address 172.67.132.58 and carries a Google Trust Services SSL certificate, which may give it deceptive legitimacy. It was registered through GoDaddy.com, LLC on January 12, 2026—a recent registration indicative of opportunistic domain abuse. As of the latest scan, VirusTotal reports 0 detections out of 95 engines, placing it in a blind spot for automated defenses. No known blocklists currently flag the domain, and its low-profile registration suggests it may be part of a rapidly deployed campaign targeting unsuspecting users.  To mitigate risk, organizations and users should block rp66ad7.com at the DNS and network level using threat intelligence feeds. Users must avoid entering any credentials or personal data on this domain. Security teams should monitor for downstream compromise if credentials were previously submitted and enforce password resets where applicable. Additionally, report the domain to CERT teams and domain registrars to accelerate takedown and reduce dwell time.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-12 11:46:10
- Registrar: GoDaddy.com, LLC
- IP: 172.67.132.58

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5fb9acb4-1f62-4a4a-b169-6a92e6f2e6f0
- PhishDestroy: https://phishdestroy.io/domain/rp66ad7.com/
- LLM endpoint: https://phishdestroy.io/domain/rp66ad7.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rp66ad7.com/
Last updated: 2026-03-23