# multidappsauth.pages.dev — SUSPICIOUS

> multidappsauth.pages.dev mimics a legitimate app login portal to steal credentials. 4 of 95 VirusTotal engines flag this active Cloudflare-hosted phishing.

## Summary
PhishDestroy identifies multidappsauth.pages.dev as an active fake authentication portal hosting phishing content designed to harvest user login credentials. This domain presents an elevated risk due to its current use in credential theft campaigns.  multidappsauth.pages.dev was flagged by 4 out of 95 VirusTotal security vendors and is already blocked by ScamSniffer. The domain is registered through Cloudflare, Inc. and resolves to IP address 172.66.44.115, which hosts the phishing page behind a Google Trust Services SSL certificate. It currently appears on one security blocklist and remains active as of this analysis.  Users should never enter any login details on multidappsauth.pages.dev. If you have recently submitted credentials, immediately rotate passwords for the affected account and enable multi-factor authentication. Report the domain to your organization’s security team or via PhishDestroy’s public feed to help block further access.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.115

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5da599c8-e4e5-4ec1-acd7-6c602f531718
- PhishDestroy: https://phishdestroy.io/domain/multidappsauth.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/multidappsauth.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/multidappsauth.pages.dev/
Last updated: 2026-03-29