# lbapp339.site — SUSPICIOUS

> PhishDestroy identifies lbapp339.site as a live credential-stealing site with 0/95 VirusTotal detections.

## Summary
PhishDestroy has identified an active credential-stealing campaign using the domain lbapp339.site, which impersonates a legitimate login portal to harvest user credentials. This domain resolves to IP address 45.59.170.102 and was registered through Namecheap Inc. on January 22, 2026. The domain currently has 0 detections out of 95 VirusTotal scans, indicating it has not yet been widely flagged as malicious by antivirus engines.  The threat posed by lbapp339.site is significant due to its use of a Let's Encrypt SSL certificate, which may lend an air of legitimacy to unsuspecting users. The domain’s recent creation date—just days ago—suggests a rapidly deployed campaign designed to evade detection. PhishDestroy’s investigation indicates this site is part of a broader phishing operation aimed at capturing login credentials, likely targeting users of popular services. The absence of detection on VirusTotal, combined with the domain’s recent registration and active hosting on a shared IP, underscores the urgency of proactive threat mitigation.  Users who have visited lbapp339.site should immediately change any passwords that may have been entered, enable multi-factor authentication on accounts, and scan their devices for malware. Organizations should block this domain at the network level and update security protocols to include real-time monitoring for newly registered domains mimicking login portals. PhishDestroy advises heightened vigilance against domains with similar naming conventions or recent creation dates, as these are common tactics employed by threat actors to deceive users.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-22 06:51:29
- Registrar: NAMECHEAP INC
- IP: 45.59.170.102

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/73317d2b-e575-4642-ab32-32a96da85ad5
- PhishDestroy: https://phishdestroy.io/domain/lbapp339.site/
- LLM endpoint: https://phishdestroy.io/domain/lbapp339.site/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lbapp339.site/
Last updated: 2026-03-24