# ussrusa.pages.dev — SUSPICIOUS

> PhishDestroy flags ussrusa.pages.dev for phishing using a Google Trust Services SSL certificate. Resolves to 172.66.44.

## Summary
PhishDestroy identifies ussrusa.pages.dev as a live phishing domain actively masquerading as a legitimate site to harvest user credentials and sensitive data. This domain leverages Cloudflare’s Pages.dev infrastructure to appear authentic while deploying deceptive tactics such as spoofing government or organizational branding through the ussrusa prefix, which may lure victims into trusting the site. The threat is specifically designed to trick users into entering login details or personal information under false pretenses, posing immediate risk to financial and identity security.  

This domain was flagged by PhishDestroy with a status of active and under investigation. Intelligence confirms registration through Cloudflare, Inc., and the domain resolves to IP address 172.66.44.178. Critically, VirusTotal currently shows 0 detections out of 95 security engines, indicating this phishing campaign is not yet widely recognized by automated scanners. The presence of a Google Trust Services SSL certificate further enhances the illusion of legitimacy, making it easier to deceive non-technical users.  

If you have visited ussrusa.pages.dev, immediately cease interaction and disconnect from the site. Do not enter any login credentials, payment details, or sensitive information. Clear your browser cache and cookies to remove any session data tied to the site. Report the domain to your organization’s security team or to PhishDestroy via the seed adec42 for further analysis. Monitor financial accounts and enable multi-factor authentication on critical services to prevent unauthorized access. Stay vigilant—this domain remains active and poses a credible threat to unsuspecting users.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.178

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/275ec87a-d2f2-466e-b8e5-9a422411e575
- PhishDestroy: https://phishdestroy.io/domain/ussrusa.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ussrusa.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ussrusa.pages.dev/
Last updated: 2026-03-22