# avvici.pages.dev — SUSPICIOUS > avvici.pages.dev is a Microsoft 365 credential phishing page with 0/95 VirusTotal detections. Check the full report to assess risk. ## Summary avvici.pages.dev has been identified as a phishing domain designed to harvest Microsoft 365 login credentials, posing a significant risk to unsuspecting users who may inadvertently disclose sensitive corporate or personal account details. This domain leverages Cloudflare’s Pages service to host a deceptive login interface that closely mimics the legitimate Microsoft 365 authentication portal, increasing the likelihood of successful credential theft. The domain was registered through Cloudflare, Inc., resolving to IP address 188.114.97.3 with an SSL certificate issued by Google Trust Services, further enhancing its appearance of legitimacy. While VirusTotal currently shows 0/95 detections, the absence of flagging does not equate to safety, as threat actors frequently exploit Cloudflare’s infrastructure to evade detection. This domain exhibits multiple red flags indicative of a sophisticated phishing operation. The use of Cloudflare Pages allows threat actors to rapidly deploy and rotate phishing pages, making it difficult for traditional security measures to keep pace. The domain’s SSL certificate, issued by Google Trust Services, adds a layer of perceived trustworthiness, as users often associate Google-issued certificates with legitimate services. Additionally, the domain’s infrastructure—hosted on Cloudflare’s network—provides anonymity and resilience against takedown efforts. While the exact creation date is not provided, the domain’s active status and low detection rate suggest it is part of a larger, ongoing campaign targeting Microsoft 365 users, a common vector for credential harvesting due to its widespread adoption in enterprise environments. Users who have interacted with avvici.pages.dev should take immediate action to secure their accounts and assess potential exposure. First, change your Microsoft 365 password immediately and enable multi-factor authentication (MFA) if not already configured. Review account activity logs for any unauthorized access or unusual login attempts, and revoke any suspicious sessions or connected applications. If you entered credentials, assume they have been compromised and follow your organization’s incident response procedures or Microsoft’s guidelines for compromised accounts. Additionally, scan your device for malware using reputable antivirus software, as phishing pages may also deploy secondary payloads. Report the domain to your IT security team or platforms like PhishDestroy to aid in broader threat intelligence efforts. Exercise caution with any unsolicited login prompts, and verify the legitimacy of URLs before entering credentials. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/32fc7dc0-004b-489b-adfa-56af06b8cc0f - PhishDestroy: https://phishdestroy.io/domain/avvici.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/avvici.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/avvici.pages.dev/ Last updated: 2026-03-27