# sleetos.pages.dev — MALICIOUS

> sleetos.pages.dev poses a medium-risk phishing threat linked to crypto scams. Stay vigilant and avoid interacting with this domain.

## Summary
PhishDestroy identifies sleetos.pages.dev as a medium-risk generic phishing domain associated with attempts to deceive users under the guise of "Tosa Token — Ecosystem of The Community." Phishing attacks like this aim to steal sensitive information, such as login credentials or cryptocurrency wallet details, which can lead to financial loss and identity theft. The presence of this domain on multiple blocklists highlights active malicious intent and a tangible threat to users engaging with crypto or token-related services.

The domain sleetos.pages.dev was registered recently on March 7, 2026, through Cloudflare, Inc., and resolves to the IP address 172.66.47.18. It currently appears offline, likely due to takedown efforts or hosting suspension. Despite being flagged by 7 out of 95 security vendors on VirusTotal and appearing on two security blocklists, the domain’s infrastructure leveraged Cloudflare’s protection services, which can sometimes complicate direct mitigation efforts. The page title referencing "Tosa Token" suggests an attempt to exploit the growing interest in cryptocurrency ecosystems.

Users are strongly advised to avoid visiting sleetos.pages.dev or entering any personal or financial information if they encounter similar suspicious domains. Employing robust endpoint security, enabling multi-factor authentication on critical accounts, and verifying the legitimacy of any communications related to cryptocurrencies can reduce exposure to such phishing threats. Reporting suspicious domains like sleetos.pages.dev to security teams or blocklists helps prevent further victimization.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Tosa Token — Ecosystem of The Community

## Domain Intelligence
- Registered: 2026-03-07 13:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.18
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: bradley.ns.cloudflare.com nataly.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["ADMINUSLabs", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Phishing Database", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/QjDXLp7V/a90d730189af.png
- Wayback Machine: https://web.archive.org/web/https://sleetos.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/sleetos.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sleetos.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sleetos.pages.dev/
Last updated: 2026-03-19