# su-shi.best — SUSPICIOUS

> The domain su-shi.best was used in phishing schemes. Avoid interacting with it and report suspicious links to protect your data and privacy.

## Summary
PhishDestroy identifies su-shi.best as a generic phishing domain that was active shortly after its creation in March 2026. The domain was involved in deceptive activities designed to trick users into divulging sensitive information, although the exact brand or service impersonated remains unclear. This domain posed a medium threat level based on its behavior and appearance on multiple threat intelligence blocklists.

The domain resolved to the IP address 12.11.10.2 and was registered via Dynadot LLC. VirusTotal scans flagged it as malicious by 3 out of 95 security vendors, indicating some recognition of its phishing intent. It appeared on three different security blocklists, reinforcing its classification as a phishing risk. Its infrastructure details suggest a typical setup for short-lived phishing campaigns, leveraging domain anonymity and common hosting resources.

Currently, su-shi.best is offline and inaccessible, reducing immediate risk to end users. However, users should remain vigilant about similar domain names and avoid clicking on suspicious links. It is recommended to keep security software updated and report phishing attempts to maintain safe browsing practices. PhishDestroy will continue monitoring related threats to provide timely alerts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: su-shi.best

## Domain Intelligence
- Registered: 2026-03-04 13:07:01
- Registrar: Dynadot LLC
- Country: US
- IP: 12.11.10.2
- IP Org: Cloudflare CDN
- Nameservers: ["ashley.ns.cloudflare.com", "denver.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["alphaMountain.ai", "Forcepoint ThreatSeeker", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb8fb-8268-7483-bedd-e6963ff74572.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/43f46ecb-81ae-4f42-91f4-7f84d965763c
- Wayback Machine: https://web.archive.org/web/https://su-shi.best
- PhishDestroy: https://phishdestroy.io/domain/su-shi.best/
- LLM endpoint: https://phishdestroy.io/domain/su-shi.best/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/su-shi.best/
Last updated: 2026-03-19