# comm---logiin---uphlddd---secrrr.pages.dev — SUSPICIOUS

> PhishDestroy identifies comm---logiin---uphlddd---secrrr.pages.dev as a Microsoft credential phishing site (1/95 vendors flagged). Check the full report.

## Summary
PhishDestroy identifies comm---logiin---uphlddd---secrrr.pages.dev as a live Microsoft login phishing page hosted on Cloudflare Pages. The domain mimics Microsoft’s login portal to harvest user credentials and session tokens. This campaign is actively resolving to IP 172.66.44.166 and is protected by a Google Trust Services SSL certificate, increasing its appearance of legitimacy. Victims risk unauthorized account access, data theft, and potential follow-on attacks such as session hijacking or corporate account compromise.


This domain was flagged by PhishDestroy with a single detection on VirusTotal out of 95 participating security vendors as of seed a1ffc5. It was registered through Cloudflare, Inc., leveraging Pages.dev infrastructure to host the fake login form. The domain uses a long string of hyphens to impersonate the official microsoft.com login structure, exploiting visual similarity to bypass email filters and user scrutiny. False trust is further reinforced by the presence of a valid Google Trust Services certificate, which does not validate the site’s authenticity but only encrypts the connection.


If you visited comm---logiin---uphlddd---secrrr.pages.dev and entered any credentials, immediately change your Microsoft password and enable multi-factor authentication (MFA). Review recent sign-in activity in your Microsoft account for suspicious logins. If you reused the same password elsewhere, change it on all affected accounts. Scan your device with updated antivirus software and consider revoking any active sessions. Report the domain to Microsoft via their Phishing Report tool and to your organization’s security team if work-related. Avoid clicking links in unsolicited emails; always navigate to login portals directly via trusted bookmarks or official URLs.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.166

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0d752e36-4d2d-4d1c-a71a-39bb1e36d77d
- PhishDestroy: https://phishdestroy.io/domain/comm---logiin---uphlddd---secrrr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/comm---logiin---uphlddd---secrrr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/comm---logiin---uphlddd---secrrr.pages.dev/
Last updated: 2026-04-01