# sso-nda-x-us.pages.dev — MALICIOUS

> High-risk phishing domain sso-nda-x-us.pages.dev taken offline. Stay alert and verify site safety with PhishDestroy.

## Summary
PhishDestroy identifies sso-nda-x-us.pages.dev as a high-risk generic phishing threat designed to deceive users and steal sensitive information. This domain poses significant danger due to its intent to mimic legitimate services.

The domain was registered recently on February 21, 2026, through Cloudflare, Inc. It resolved to IP 172.66.47.54 and appeared on one security blocklist before being taken offline. VirusTotal flagged it by 16 of 95 security vendors, and the page title indicated a suspected phishing site hosted on Cloudflare’s platform.

Users are advised to avoid interacting with this domain and verify the authenticity of any related communications. Employ security tools like PhishDestroy to check suspicious URLs before engagement and always report phishing attempts to help protect the wider community.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.54
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["duke.ns.cloudflare.com", "carol.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a2823-e5f5-733f-9820-d5d094c53c63.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/615db60f-c8b9-472d-859e-67d51583da57
- PhishDestroy: https://phishdestroy.io/domain/sso-nda-x-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sso-nda-x-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sso-nda-x-us.pages.dev/
Last updated: 2026-03-19