# us05.eu — SUSPICIOUS

> Stay safe from phishing threats. The domain us05.eu is active and linked to phishing. Avoid interaction and report suspicious activity immediately.

## Summary
PhishDestroy identifies us05.eu as an active phishing domain posing a low risk but still warranting caution. This threat is significant because phishing attempts can compromise sensitive user information and lead to scams or identity theft. Users should be aware that even low-risk phishing sites can be dangerous if interacted with.

The domain us05.eu was registered recently on March 11, 2026, through Dynadot LLC and resolves to IP 172.86.91.195. It currently appears on three security blocklists, though only one out of 95 VirusTotal security engines flags it, indicating it may be a newly emerging threat or operating under limited detection. The page title found is "Welcome to XAMPP," which could be a placeholder or part of the phishing setup.

Users are advised to avoid visiting or interacting with us05.eu, as phishing threats can evolve rapidly. If encountered, do not provide any personal information or credentials. Reporting suspicious domains like us05.eu to IT security teams or relevant authorities helps mitigate risks. Maintain updated antivirus software and employ caution when clicking unknown links to stay protected.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 526)
- Page title: Welcome to XAMPP

## Domain Intelligence
- Registered: 2026-03-11 19:07:01
- Registrar: Dynadot LLC
- Country: US
- IP: 172.86.91.195
- IP Country: US
- IP City: Dallas
- IP Org: AS14956 RouterHosting LLC
- Nameservers: ["ns2.dyna-ns.net", "ns1.dyna-ns.net"]
- SSL Issuer: localhost

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce201-853a-71bf-a0c4-2bdef18a00ed.png
- PhishDestroy: https://phishdestroy.io/domain/us05.eu/
- LLM endpoint: https://phishdestroy.io/domain/us05.eu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/us05.eu/
Last updated: 2026-03-19