# amlbot.cc — MALICIOUS

> amlbot.cc is flagged for phishing and listed on multiple blocklists. Learn why this offline domain poses risks and how to stay protected.

## Summary
PhishDestroy identifies amlbot.cc as a medium-risk phishing domain targeted at generic fraud schemes. The domain was created on February 21, 2026, and has been associated with deceptive practices aimed at compromising user data.

Technically, amlbot.cc was registered through a now-defunct registrar and currently appears on three security blocklists. VirusTotal analysis shows 7 out of 95 security vendors flagging it, indicating confirmed malicious activity. The domain infrastructure lacked robust security controls, contributing to its vulnerability.

Currently, amlbot.cc is taken offline, reducing immediate threats. However, users and organizations should remain vigilant, update their security filters, and avoid any interaction with related URLs to prevent potential phishing exposures.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Scam type: AML Scam
- Target brand: AMLBot
- Page title: Attention Required! | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 87.120.219.250
- IP Country: GB
- IP City: London
- IP Org: AS215540 GLOBAL CONNECTIVITY SOLUTIONS LLP
- Nameservers: ["keenan.ns.cloudflare.com", "tara.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Seclookup", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c57d5-ee09-7771-b2f5-0eb80b6b4ca0.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/9eb87d7a-1c3e-4ece-9c2d-b48054ef5891
- PhishDestroy: https://phishdestroy.io/domain/amlbot.cc/
- LLM endpoint: https://phishdestroy.io/domain/amlbot.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/amlbot.cc/
Last updated: 2026-03-19