# subscriberfraudinvestigation.pages.dev — SUSPICIOUS > subscriberfraudinvestigation.pages.dev hosts a fraud investigation scam claiming to detect subscriber fraud. Check the full report. 1/95 vendors flagged it. ## Summary subscriberfraudinvestigation.pages.dev has been confirmed as an active fraud investigation scam masquerading as a subscriber fraud detection portal. This domain is weaponized to trick users into divulging sensitive account credentials or payment details under the pretense of resolving alleged subscription fraud. The threat is elevated due to its operational status and the potential for immediate financial harm to victims who engage with the malicious content. This domain was flagged on VirusTotal with a detection ratio of 1 out of 95 security vendors, indicating limited but existing recognition of its malicious nature. It is registered through Cloudflare, Inc., a common provider for malicious infrastructure due to its privacy protections and ease of domain creation. The domain resolves to IP address 172.66.44.210, which is associated with Cloudflare's infrastructure. The SSL certificate is issued by Google Trust Services, a trusted authority, which may lull victims into a false sense of security by appearing legitimate. This domain is hosted on Cloudflare Pages, a legitimate service often abused for phishing campaigns due to its fast deployment capabilities and built-in CDN. To mitigate exposure to this scam, users should avoid clicking links from unsolicited emails or messages referencing subscriber fraud investigations. Organizations are advised to block access to this domain at the network perimeter and educate employees about the tactics used in such fraud investigation scams. Security teams should monitor for similar domains leveraging Cloudflare Pages or Google Trust Services certificates as part of their threat hunting efforts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.210 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/65b7ddca-7471-4f04-92f4-2ebe2d16b4cc - PhishDestroy: https://phishdestroy.io/domain/subscriberfraudinvestigation.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/subscriberfraudinvestigation.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/subscriberfraudinvestigation.pages.dev/ Last updated: 2026-03-24