# su-shi.sbs — SUSPICIOUS

> Discover the phishing threat behind su-shi.sbs, a medium-risk domain now offline. Learn what made this site suspicious and its current status.

## Summary
PhishDestroy identifies su-shi.sbs as a medium-risk phishing domain targeting unsuspecting users. The site was designed to trick visitors into revealing sensitive information through deceptive tactics.

The domain was registered on December 12, 2025, via Dynadot LLC and resolved to the IP address 12.11.10.2. This infrastructure was likely used to host malicious content and facilitate phishing attacks.

Currently, su-shi.sbs is offline and no longer accessible. PhishDestroy recommends maintaining vigilance and ensuring that any suspicious communications linked to this domain are reported and blocked to prevent further exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: su-shi.sbs

## Domain Intelligence
- Registered: 2026-03-04 13:07:01
- Registrar: Dynadot LLC
- Country: US
- IP: 12.11.10.2
- IP Org: Cloudflare CDN
- Nameservers: ["ashley.ns.cloudflare.com", "denver.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["SOCRadar", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb8fc-fdcd-77db-9340-25bda976bb0a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/92f1240d-4b63-40ea-aeb9-aaf60c8ff030
- PhishDestroy: https://phishdestroy.io/domain/su-shi.sbs/
- LLM endpoint: https://phishdestroy.io/domain/su-shi.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/su-shi.sbs/
Last updated: 2026-03-19