# login-hotmaii.com — MALICIOUS

> login-hotmaii.com is an active credential phishing domain mimicking Hotmail login pages, flagged by 18 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies the active credential phishing domain login-hotmaii.com impersonating Microsoft Hotmail login pages to harvest user credentials.

This domain was flagged by 18 of 95 VirusTotal security vendors, registered through Hosting Concepts B.V. d/b/a Registrar.eu on March 23, 2026. The domain resolves to IP address 45.74.47.162 and is associated with 1 additional blocklist detections, while maintaining low trust scores across multiple threat intelligence platforms.

The campaign is currently active and leverages a Let's Encrypt SSL certificate to appear legitimate. Users should avoid interacting with this domain and verify any suspicious login pages using PhishDestroy's verification tools. Organizations are advised to block this domain at the network perimeter and update email filtering rules to detect similar impersonation attempts targeting Microsoft services.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-23 11:25:50
- Registrar: Hosting Concepts B.V. d/b/a Registrar.eu
- IP: 45.74.47.162

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1aa0802f-d914-433e-b4ea-706c27760e04
- PhishDestroy: https://phishdestroy.io/domain/login-hotmaii.com/
- LLM endpoint: https://phishdestroy.io/domain/login-hotmaii.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/login-hotmaii.com/
Last updated: 2026-03-24