# moniheritltd.com — MALICIOUS

> moniheritltd.com is flagged for phishing. Avoid interacting with it and stay safe by not sharing personal info or clicking suspicious links.

## Summary
PhishDestroy identifies moniheritltd.com as a high-risk generic phishing domain designed to deceive users by mimicking legitimate financial services such as mobile banking, credit cards, mortgages, and auto loans. Phishing threats like this are critical because they aim to steal sensitive data, including login credentials and financial information, which can lead to identity theft and financial loss. The presence of suspicious page titles adds to the risk of user deception.

The domain moniheritltd.com was registered on February 21, 2026, and resolves to the IP address 213.165.249.109. It is registered through GO54 Limited. VirusTotal flagged it by 11 out of 95 security vendors, and it appears on one known security blocklist. These multiple detections indicate a consensus among security tools that the domain is unsafe. The domain has since been taken offline, reducing immediate risk but not eliminating potential exposure from prior encounters.

Users are strongly advised to avoid visiting moniheritltd.com or submitting any credentials or personal information if they encounter it. If you believe you may have interacted with the site, review your accounts for suspicious activities and consider changing passwords immediately. Employ updated security software and remain cautious when handling unsolicited links, especially those related to financial services.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Page title: Home | Mobile Banking, Credit Cards, Mortgages, Auto Loan

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: GO54 Limited
- IP: 213.165.249.109
- IP Country: NL
- IP City: Lelystad
- IP Org: AS22611 InMotion Hosting, Inc.
- Nameservers: ["ns1.srvconfigr.com", "ns2.srvconfigr.com"]
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199ec0a-27d7-758c-a2ab-ab803ffdc23e.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a4cb0fcf-e44d-41a8-b77c-ec8c576f0579
- PhishDestroy: https://phishdestroy.io/domain/moniheritltd.com/
- LLM endpoint: https://phishdestroy.io/domain/moniheritltd.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/moniheritltd.com/
Last updated: 2026-03-19