# app-logn-li.pages.dev — SUSPICIOUS

> Domain app-logn-li.pages.dev poses as a login portal to harvest credentials, hosted on Cloudflare with 0/95 VirusTotal detections as of seed b36c1f.

## Summary
PhishDestroy identifies app-logn-li.pages.dev as an active login credential phishing domain posing as a legitimate service to deceive users into surrendering sensitive authentication data. The site is designed to mimic trusted login interfaces, typically targeting victims through social engineering or spoofed communications. Given the absence of detection flags despite recent deployment, this threat remains under active investigation while users remain exposed to immediate compromise risks.


This domain was flagged under generic phishing due to its clear intent to mimic legitimate authentication portals. According to analyzed intelligence, it resolves to IP 172.66.44.75, utilizes a Google Trust Services SSL certificate, and is registered through Cloudflare, Inc. The domain currently shows 0 out of 95 VirusTotal detections, operates on Cloudflare’s Pages.dev platform, and maintains an active status as of seed b36c1f. No known inclusion in public blocklists has been confirmed at this time.


To mitigate exposure to credential harvesting, users must avoid interacting with this domain or any linked communications. Organizations should implement DNS filtering to block requests to app-logn-li.pages.dev and monitor for anomalous authentication attempts originating from impacted accounts. If credentials were entered, immediately trigger password resets and enable multi-factor authentication where applicable. Security teams should report this domain to Cloudflare’s abuse channels and update threat intelligence platforms to prevent further propagation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.75

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/92e327ab-f1e5-4a49-b2bd-6e8bc305dac1
- PhishDestroy: https://phishdestroy.io/domain/app-logn-li.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/app-logn-li.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-logn-li.pages.dev/
Last updated: 2026-04-01