# wise-wall-fqb6ek.pages.dev — SUSPICIOUS

> wise-wall-fqb6ek.pages.dev linked to Google Docs phishing. Flagged by 0/95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies the domain wise-wall-fqb6ek.pages.dev as an active Google Docs phishing campaign. The threat is classified under 'generic_phishing' and remains in active status for end-user deception. This page mimics legitimate Google Docs authentication pages to harvest credentials and session tokens. The infrastructure leverages Cloudflare Pages for rapid deployment and obfuscation.


This domain was flagged by 0 of 95 VirusTotal vendors during the most recent scan, indicating a low detection rate despite clear Indicators of Compromise (IOCs). The domain resolves to IP address 172.66.47.170 and is registered through Cloudflare, Inc. The SSL certificate is issued by Google Trust Services, which increases its credibility with unsuspecting users. The detection gap highlights the need for behavioral and heuristic analysis beyond signature-based scanning.


Given the active status and low detection rate, immediate caution is advised. Users should avoid interacting with this domain or any linked Google Docs forms. Organizations are urged to implement DNS filtering, browser warnings, and user awareness training. Monitor network traffic for connections to 172.66.47.170 and blocklist this domain proactively. The absence of detections does not equate to safety—this campaign is designed to evade traditional defenses.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.170

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/wise-wall-fqb6ek.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/wise-wall-fqb6ek.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/wise-wall-fqb6ek.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/wise-wall-fqb6ek.pages.dev/
Last updated: 2026-04-03