# om1a.xyz — SUSPICIOUS

> om1a.xyz is linked to generic phishing with low risk. Stay alert and avoid interaction. Check PhishDestroy for updates and protect your data today.

## Summary
PhishDestroy identifies om1a.xyz as a domain involved in generic phishing activities, classified under a low-risk threat level. This domain was registered recently on February 3, 2026, indicating its potential use in emerging fraudulent campaigns. The classification arises from behavioral patterns associated with phishing rather than targeted or highly sophisticated attacks, suggesting a more opportunistic approach by threat actors.

Technical indicators reveal that om1a.xyz resolves to the IP address 159.100.6.19 and was registered through Ultahost, Inc., a registrar known to be occasionally abused by malicious actors for quick domain registrations. VirusTotal scans indicate that 2 out of 95 security vendors flagged the domain, confirming some level of suspicion but not widespread detection. These factors combined suggest the domain is part of a low-scale phishing infrastructure, possibly used to harvest sensitive data through generic phishing emails or webpages.

Currently, om1a.xyz remains active and under observation by threat intelligence platforms like PhishDestroy. Users and administrators are advised to monitor interactions with this domain closely and implement preventive measures such as blocking the domain and educating users about phishing risks. Continued surveillance will determine if the threat level escalates or if the domain becomes part of larger phishing campaigns.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Account Suspended

## Domain Intelligence
- Registered: 2026-02-03 15:57:03
- Registrar: Ultahost, Inc.
- IP: 159.100.6.19
- Nameservers: ns1.ultahost.com ns2.ultahost.com ns3.ultahost.com ns4.ultahost.com

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d01f0-38e9-7552-b156-4b0f3e977a1c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/89c7d3ad-32c1-4d62-81d6-cce9973362b2
- PhishDestroy: https://phishdestroy.io/domain/om1a.xyz/
- LLM endpoint: https://phishdestroy.io/domain/om1a.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/om1a.xyz/
Last updated: 2026-03-19