# umliswarrp.cc — MALICIOUS

> Umliswarrp.cc was flagged for phishing activity and is currently offline. Stay vigilant and block suspicious domains to protect your network.

## Summary
PhishDestroy has identified umliswarrp.cc as a domain engaged in generic phishing activities with a medium-risk classification. The domain was designed to deceive users and potentially harvest sensitive information by masquerading as legitimate entities.

Registered on February 21, 2026, umliswarrp.cc appeared in three separate security blocklists and was flagged by 8 out of 95 antivirus engines on VirusTotal. The domain registration was handled through a dead domain registrar, further indicating suspicious intent. The infrastructure suggests use for typical phishing campaigns targeting unsuspecting users.

Currently, umliswarrp.cc is offline and no longer active. Despite this, organizations should remain cautious and continue to update their blocklists to prevent access to this and similar phishing domains. Immediate action to monitor for any reactivation attempts is recommended to maintain network security and protect end users.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: umliswarrp.cc | 521: Web server is down

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 2a06:98c1:3121::3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["graham.ns.cloudflare.com", "raquel.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 8 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199807a-d6b1-74a9-89ea-8f21f08d0f30.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/aa090bc8-4a8d-42c7-8a43-c465f7e98e95
- PhishDestroy: https://phishdestroy.io/domain/umliswarrp.cc/
- LLM endpoint: https://phishdestroy.io/domain/umliswarrp.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/umliswarrp.cc/
Last updated: 2026-03-19