# sewgamb.cc — MALICIOUS

> sewgamb.cc is a live credential-harvesting phishing site that spoofs login pages. Resolving to 188.114.96.3, it is flagged by 6 of 95 VirusTotal scanners.

## Summary
PhishDestroy identifies sewgamb.cc as an active credential-harvesting phishing site designed to trick users into surrendering login credentials. The domain resolves to 188.114.96.3 and is presently serving a fake login page that mimics a legitimate service, aiming to capture usernames, passwords, and possibly multi-factor authentication codes.  sewgamb.cc was registered on April 04, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. At this time 6 of 95 VirusTotal security vendors flag the domain as malicious, and the Let’s Encrypt SSL certificate in use indicates attackers are attempting to appear legitimate with HTTPS. The domain is newly created, lacks any legitimate content history, and has rapidly attracted detection.  If you visited sewgamb.cc, assume any credentials entered were compromised. Immediately change passwords used on the site and enable multi-factor authentication elsewhere. Scan local devices with updated antivirus software, rotate API keys and payment tokens if they were ever entered, and notify your organization’s security team if this was a business login. Block the IP 188.114.96.3 at the network perimeter and avoid the domain entirely.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-04 10:50:18
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/46eb334e-0856-4756-89ab-113bb04a08f2
- PhishDestroy: https://phishdestroy.io/domain/sewgamb.cc/
- LLM endpoint: https://phishdestroy.io/domain/sewgamb.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sewgamb.cc/
Last updated: 2026-04-14