# soosa.pages.dev — SUSPICIOUS

> soosa.pages.dev delivers a convincing fake login page to steal credentials. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies soosa.pages.dev as a live phishing domain hosting a counterfeit login portal designed to harvest user credentials for major services. The page is styled to impersonate a legitimate authentication interface and is currently served over HTTPS via Google Trust Services, increasing its credibility to potential victims. The domain resolves to Cloudflare IP 188.114.96.3 and remains undetected on VirusTotal as of the latest scan, indicating a low detection rate despite active abuse. While the exact creation date is not publicly available, the absence of flagging across 95 security engines underscores the need for user vigilance and proactive threat intelligence sharing.

This domain was flagged by PhishDestroy under the unique seed e770ef due to its active role in a credential harvesting campaign. Registered through Cloudflare, Inc., soosa.pages.dev leverages the provider’s infrastructure to evade early detection and maintain uptime. Current intelligence shows zero detections on VirusTotal, which contrasts with typical phishing domains that are detected within hours of going live. The use of a Google-issued SSL certificate further enhances its legitimacy, tricking users into entering sensitive login details without suspicion.

If you have visited soosa.pages.dev or entered any credentials, immediately change passwords for the affected account and enable multi-factor authentication where available. Scan your device with updated antivirus software and review account activity for signs of unauthorized access. Report the domain to your security team or through PhishDestroy’s submission portal to help raise its detection profile. Avoid interacting with this site and warn others—this domain remains active and poses a direct risk to personal and organizational security.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b6c9729d-3f34-4a3b-804c-29bfb8766797
- PhishDestroy: https://phishdestroy.io/domain/soosa.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/soosa.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/soosa.pages.dev/
Last updated: 2026-03-28