# authprotocol-data.xyz — SUSPICIOUS

> Caution: authprotocol-data.xyz is linked to phishing activity. Avoid interactions with this domain to protect your credentials and data.

## Summary
PhishDestroy has identified authprotocol-data.xyz as a domain involved in generic phishing activities. Classified as a low-risk threat, it primarily aimed to deceive users by mimicking legitimate services, with the page title appearing as 'Google' to lure unsuspecting victims.

This domain was registered on March 09, 2026, via NiceNIC International Group Co., Limited, and resolved to the IP address 188.114.96.3. It appeared on one security blocklist and was flagged by 2 out of 95 VirusTotal security vendors, indicating limited but notable suspicion. The infrastructure suggests an attempt to impersonate trusted platforms, consistent with phishing tactics.

Currently, authprotocol-data.xyz is offline and no longer accessible. PhishDestroy advises users to remain vigilant and avoid clicking on links from this domain or entering any personal information. Continuous monitoring and blocking efforts helped mitigate potential harm associated with this threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: Google

## Domain Intelligence
- Registered: 2026-03-09 09:07:01
- Expires: 2027-01-12 00:00:00
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: kobe.ns.cloudflare.com meilani.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Forcepoint ThreatSeeker", "Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/3XW7kCq/4fb3ca6dbdc3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f6082a50-5996-4b30-811e-b1604bc77b36
- PhishDestroy: https://phishdestroy.io/domain/authprotocol-data.xyz/
- LLM endpoint: https://phishdestroy.io/domain/authprotocol-data.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/authprotocol-data.xyz/
Last updated: 2026-03-19