# apglobal.io — SUSPICIOUS

> PhishDestroy identifies apglobal.io as a generic phishing domain with 0/95 VirusTotal detections. This site is suspected of credential theft.

## Summary
PhishDestroy’s automated threat pipeline flagged the domain apglobal.io on seed 94f854 as a generic phishing host actively resolving to a Cloudflare fronted endpoint. The campaign shows no overt brand impersonation or crypto-drainer fingerprint, indicating an evolving credential-theft operation. Registrant details remain opaque, but infrastructure choices (Cloudflare proxy + Google Trust Services SSL) suggest deliberate obfuscation to evade takedown and detection layers.  Domain technical indicators are as follows: VirusTotal score 0/95 (no antivirus detections as of current scan), WHOIS registrar Cloudflare, Inc., IP apex 104.21.52.167, domain creation timestamp 2021-01-24, SSL issuer Google Trust Services, and Google Safe Browsing status currently clean. Third-party blocklist aggregators also show zero listings at this time, underscoring the novelty and low prior reputation of the domain.  Current operational status is active, with the domain remaining resolvable and infrastructure stable. PhishDestroy recommends immediate network-level blocking of apglobal.io and its resolving IP 104.21.52.167, coupled with enhanced user awareness training focused on generic lures and suspicious login portals. Remaining risk is evaluated as moderate due to the absence of historical detections and the use of reputable hosting intermediaries, but the domain’s age and generic nature warrant heightened monitoring until definitive verdicts are reached by broader threat-intel communities.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2021-01-24 07:05:27
- Registrar: Cloudflare, Inc
- IP: 104.21.52.167

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e85f832d-d69d-47ee-bef3-2e259a5753b6
- PhishDestroy: https://phishdestroy.io/domain/apglobal.io/
- LLM endpoint: https://phishdestroy.io/domain/apglobal.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/apglobal.io/
Last updated: 2026-03-29