# lazerlive-faq.pages.dev — SUSPICIOUS

> PhishDestroy identifies lazerlive-faq.pages.dev as a crypto drainer domain with 0/95 detections on VirusTotal.

## Summary
PhishDestroy identifies lazerlive-faq.pages.dev as a domain actively distributing a crypto drainer payload, designed to silently empty cryptocurrency wallets connected to a compromised web session. This threat leverages JavaScript-based wallet interaction hijacking to approve and execute unauthorized token transfers without user consent. Victims typically encounter the domain through deceptive social media promotions or spoofed NFT/DeFi project links, where the drainer masquerades as a legitimate service portal. Once loaded, the malicious script monitors wallet connections and intercepts transaction approvals, draining assets within minutes of interaction. 


This domain was flagged through automated threat intelligence pipelines, revealing critical indicators: it currently shows 0 detections out of 95 engines on VirusTotal, suggesting it remains under the radar of mainstream antivirus systems. It was registered via Cloudflare, Inc. and resolves to IP 172.66.47.77 with a Google Trust Services SSL certificate, adding a false sense of legitimacy. The domain is hosted on Cloudflare Pages, a legitimate platform repurposed for malicious delivery, and is actively resolving at the time of analysis. No blocklist entries were detected in public feeds during initial triage, reinforcing the stealth nature of this campaign. 


If you visited lazerlive-faq.pages.dev or interacted with any web page loading content from this domain, disconnect your wallet immediately and revoke any suspicious approvals via tools like revoke.cash or your wallet’s dApp browser. Do not approve any pending transactions you did not initiate. Clear browser cache and disable browser extensions, then scan your system with a reputable antivirus tool. Report the domain to your wallet provider and consider transferring remaining assets to a new, isolated wallet with a freshly generated seed phrase. Monitor on-chain activity for any unauthorized transfers and report suspicious behavior to incident response teams.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.77

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/85a3a0b8-bbbc-46c5-a034-3187225c6c16
- PhishDestroy: https://phishdestroy.io/domain/lazerlive-faq.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/lazerlive-faq.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lazerlive-faq.pages.dev/
Last updated: 2026-04-12