# umisavnp.cc — MALICIOUS

> Check the safety status of umisavnp.cc. Learn why this medium-risk phishing domain was taken offline and how to protect yourself.

## Summary
PhishDestroy identifies umisavnp.cc as a medium-risk phishing domain, posing potential threats by attempting to deceive users into divulging sensitive information. Phishing attacks like these can lead to identity theft, financial loss, and compromised credentials, making awareness crucial.

The domain umisavnp.cc was registered on February 21, 2026, via NICENIC INTERNATIONAL GROUP CO., LIMITED. It was flagged by multiple security vendors and appeared on several blocklists before being taken offline, indicating active malicious use and prompt response by security communities.

Users are advised to avoid interacting with umisavnp.cc or any associated links. Regularly update security software and employ caution when receiving unsolicited communications requesting personal data. Staying vigilant helps prevent falling victim to phishing scams linked to such threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: umisavnp.cc | 522: Connection timed out

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ns1.cloudflare.com", "ns2.cloudflare.com"]
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 8 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Seclookup", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Live Page Content

### Page Text
Forbidden

## Evidence
- Screenshot: https://urlscan.io/screenshots/019904f7-521a-71db-af60-bdc4634516d2.png
- PhishDestroy: https://phishdestroy.io/domain/umisavnp.cc/
- LLM endpoint: https://phishdestroy.io/domain/umisavnp.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/umisavnp.cc/
Last updated: 2026-03-18