# oora.cc — MALICIOUS

> Warning: The domain oora.cc is active and flagged for phishing risks. Avoid interacting with it to protect your personal data and devices.

## Summary
PhishDestroy identifies oora.cc as a medium-risk generic phishing domain aimed at deceiving users to steal sensitive information. Such threats can lead to identity theft or financial loss, making awareness critical.

The domain resolves to IP 172.67.212.62 and was registered recently through Global Domain Group LLC. It is currently active, appears on one security blocklist, and has been flagged by 7 out of 95 VirusTotal security vendors. The page title "Just a moment..." may indicate an attempt to mask malicious activity.

Users should avoid visiting oora.cc or providing any personal or financial information if encountered. Employ updated security software and verify URLs carefully. Reporting suspicious domains like this helps improve collective cybersecurity.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Global Domain Group LLC
- Country: CA
- IP: 172.67.212.62
- Nameservers: ["anirban.ns.cloudflare.com", "marjory.ns.cloudflare.com"]
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["alphaMountain.ai", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Seclookup", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b9ea0-2e5a-7653-a42e-728ab1735d73.png
- PhishDestroy: https://phishdestroy.io/domain/oora.cc/
- LLM endpoint: https://phishdestroy.io/domain/oora.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/oora.cc/
Last updated: 2026-03-19