# 63442.xyz — MALICIOUS

> Discover why 63442.xyz is flagged for phishing and what risks it poses. Stay informed to protect yourself from this active threat.

## Summary
PhishDestroy has identified 63442.xyz as an active domain involved in generic phishing campaigns, presenting a significant risk to users. Phishing threats like this aim to deceive individuals into divulging sensitive information, making vigilance essential.

The domain 63442.xyz was registered recently on March 5, 2026, through Gname.com Pte. Ltd. It resolves to the IP address 45.196.247.27. Notably, 13 out of 95 security engines on VirusTotal have flagged this domain, underscoring the credibility of the threat. The domain's relatively new registration combined with its hosting infrastructure suggests it is part of a rapidly deployed phishing setup.

Users should exercise caution and avoid interacting with this domain or any unsolicited links pointing to it. Employing updated security software and verifying the legitimacy of websites before entering credentials can mitigate the risk. PhishDestroy recommends reporting suspicious activity related to 63442.xyz to help protect the community.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: welcome-BET365

## Domain Intelligence
- Registered: 2026-03-09 01:07:01
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 45.196.247.27
- IP Country: HK
- IP City: Hong Kong
- IP Org: AS140224 Nebula Global LLC
- Nameservers: ["a6.share-dns.com", "b6.share-dns.net"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CRDF", "CyRadar", "DNS8", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "OpenPhish", "SOCRadar", "Sophos", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/6c3Tryc7/aaca4da64376.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b6f0da4b-d773-438d-88cf-f934e8189e55
- Wayback Machine: https://web.archive.org/web/https://63442.xyz
- PhishDestroy: https://phishdestroy.io/domain/63442.xyz/
- LLM endpoint: https://phishdestroy.io/domain/63442.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/63442.xyz/
Last updated: 2026-03-19