# ops-sea-loginx-cloud.pages.dev — MALICIOUS

> Warning: ops-sea-loginx-cloud.pages.dev is a high-risk phishing site impersonating cloud login pages. Avoid entering credentials and stay safe.

## Summary
PhishDestroy identifies ops-sea-loginx-cloud.pages.dev as a high-risk credential phishing domain designed to steal user login information by mimicking legitimate cloud service login portals. Credential phishing remains a critical threat because it can lead to unauthorized access, data breaches, and financial loss for individuals and organizations.

This suspicious domain was registered through Cloudflare, Inc. and resolves to IP address 172.66.44.113. It was created recently on February 21, 2026, and has been flagged by Google Safe Browsing for social engineering risks. Additionally, it appears on multiple security blocklists and 14 out of 95 VirusTotal security vendors detect it as malicious. Currently, the domain is taken offline, likely due to intervention from security providers.

Users should avoid visiting ops-sea-loginx-cloud.pages.dev and never provide any credentials if prompted. If you suspect you have entered information on this site, immediately change your passwords on the legitimate service and enable multi-factor authentication where possible. Always verify URLs carefully before logging in and use security tools to block access to known phishing domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.113
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["susan.ns.cloudflare.com", "henry.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b6ca5-977c-708d-b843-5d283b415fd1.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/22351dba-946b-4962-b17f-fb5dd6f037c3
- PhishDestroy: https://phishdestroy.io/domain/ops-sea-loginx-cloud.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ops-sea-loginx-cloud.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ops-sea-loginx-cloud.pages.dev/
Last updated: 2026-03-19