# faqs-liveledgr.pages.dev — SUSPICIOUS > PhishDestroy identifies faqs-liveledgr.pages.dev as a brand impersonation phishing domain with 0/95 VirusTotal detections. Investigate before clicking. ## Summary PhishDestroy’s automated threat analysis systems have flagged the domain faqs-liveledgr.pages.dev as an active brand impersonation phishing host designed to trick users into surrendering sensitive credentials. This infrastructure leverages the Cloudflare Pages platform to host spoofed login pages resembling legitimate financial or corporate portals. The page is served over a Google Trust Services SSL certificate (valid chain) to enhance believability, while the backend resolves to Cloudflare IP 172.66.44.172, a known edge node used by threat actors to obscure origin servers. Early behavioral analysis indicates lures referencing “live ledger” or “FAQ updates” to prompt visits, followed by credential harvesting or crypto drainer payloads. This domain was flagged by PhishDestroy on seed 6615d7 with zero VirusTotal detections out of 95 engines as of the latest scan, indicating minimal detection coverage across the security community. The domain was registered through Cloudflare, Inc., operates on Cloudflare Pages infrastructure, and currently resolves to IP 172.66.44.172. It shows no presence on major threat intelligence blocklists at this time, underscoring the importance of proactive user vigilance and real-time monitoring. If you have visited faqs-liveledgr.pages.dev, immediately cease any data entry or wallet connection attempts. Revoke any session tokens or API keys exposed during the visit, rotate passwords on related accounts, and inspect connected crypto wallets for unauthorized transactions. Report the domain to your security team or platform abuse channels while avoiding re-visitation. Monitor financial and identity accounts for anomalous activity over the next 30 days. Consider enabling hardware security keys or biometric authentication on high-value accounts to mitigate future credential theft attempts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.172 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/048fa53d-9e8e-42f9-9a84-0aeaa018203d - PhishDestroy: https://phishdestroy.io/domain/faqs-liveledgr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/faqs-liveledgr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/faqs-liveledgr.pages.dev/ Last updated: 2026-03-26