# berlusconi.su — SUSPICIOUS

> berlusconi.su is a credential theft domain detected with 0/95 VirusTotal detections. This site mimics official services to steal login details.

## Summary
PhishDestroy identifies berlusconi.su as a credential theft domain currently active and under investigation for phishing attacks. This domain was flagged with a generic phishing threat type and remains undetected by security engines, as evidenced by its 0 out of 95 VirusTotal detections. The domain was registered through BEGET-SU on August 27, 2024, and currently resolves to IP 46.30.40.102, which is associated with low reputation hosting environments. Its SSL certificate, issued by Let's Encrypt, does not indicate legitimacy, as threat actors frequently exploit free certificates to appear trustworthy.  Technical analysis of berlusconi.su reveals a high-risk profile despite low initial detection rates. The domain’s recent creation date (August 27, 2024) and registration through BEGET-SU, a hosting provider known to tolerate malicious activity, further elevate its threat level. While VirusTotal shows 0 detections at this time, this should not be interpreted as safety. Credential theft phishing domains often evade detection for hours or days, enabling successful compromises before blacklisting occurs. The use of IP 46.30.40.102—a known low-reputation IP range—correlates with previous campaigns distributing credential harvesters and malware droppers.  All users are strongly advised to avoid interacting with berlusconi.su or entering any credentials, payment data, or personal information. If you have visited this site and submitted sensitive details, immediately change passwords across all associated accounts and enable multi-factor authentication where available. Report the domain to your security provider or platform (e.g., Google Safe Browsing, PhishTank) and monitor accounts for suspicious activity. Consider using network-level or endpoint protection solutions capable of identifying zero-day phishing domains. This domain remains under active monitoring and its status may change as new intelligence emerges.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-08-27 00:04:46
- Registrar: BEGET-SU
- IP: 46.30.40.102

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4799a975-ab7c-46e5-b137-9849859686b0
- PhishDestroy: https://phishdestroy.io/domain/berlusconi.su/
- LLM endpoint: https://phishdestroy.io/domain/berlusconi.su/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/berlusconi.su/
Last updated: 2026-03-23