# online.ec.cc — MALICIOUS

> PhishDestroy identifies online.ec.cc as a malware-dropper phishing domain. 19 of 95 security vendors flag this site.

## Summary
PhishDestroy identifies online.ec.cc as an active malware-dropper phishing domain designed to trick users into downloading malicious payloads or surrendering login details.

This domain was flagged by 19 of 95 VirusTotal security vendors and resolves to IP 137.220.156.229. Registered via Gname.com Pte. Ltd. in October 1997, the site holds a legitimate Let’s Encrypt SSL certificate, increasing its appearance of trustworthiness. The combination of an aged domain and high blocklist rate heightens the risk of drive-by downloads or credential harvesting.

If you visited online.ec.cc, assume exposure: avoid entering any information, scan connected devices immediately using updated antivirus tools, and change passwords for any accounts you may have accessed using that device. Report the domain to your IT security team or local cybercrime unit and block the domain (137.220.156.229) at the network level to prevent further contact.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 1997-10-13 04:00:00
- Registrar: Gname.com Pte. Ltd.
- IP: 137.220.156.229

## Detection Status
- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2f38b028-c0a1-47df-8e1d-6e940e46dc3c
- PhishDestroy: https://phishdestroy.io/domain/online.ec.cc/
- LLM endpoint: https://phishdestroy.io/domain/online.ec.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/online.ec.cc/
Last updated: 2026-03-28