# bypayco-be.onl — MALICIOUS

> Discover why bypayco-be.onl is marked high-risk for phishing. Learn its status, threat details, and safety measures to protect your data.

## Summary
PhishDestroy identifies bypayco-be.onl as a high-risk generic phishing domain targeting users by impersonating Google. The domain's intent is to deceive victims into divulging sensitive information, posing significant security threats.

Supporting evidence includes its registration through NameSilo, LLC and appearance on three different security blocklists. VirusTotal flags the domain on 10 out of 95 security vendors, reinforcing its malicious nature. The domain resolves to IP 178.16.52.57 and was created recently on March 6, 2026, indicating fresh and potentially ongoing phishing campaigns.

Currently, bypayco-be.onl is offline, reducing immediate risk. Users are advised to avoid interacting with any links or communications tied to this domain. Continuous monitoring and blocking of this domain through security tools are recommended to prevent exposure to credential theft or other phishing-related harms.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Google

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: NameSilo, LLC
- Country: US
- IP: 178.16.52.57
- IP Country: DE
- IP City: Frankfurt am Main
- IP Org: AS202412 Omegatech LTD
- Nameservers: ["ns1.dnsowl.com", "ns2.dnsowl.com", "ns3.dnsowl.com"]
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Seclookup", "SOCRadar", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc29c-bb18-7281-bfae-fae5c682c985.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/bypayco-be.onl
- Wayback Machine: https://web.archive.org/web/https://bypayco-be.onl
- PhishDestroy: https://phishdestroy.io/domain/bypayco-be.onl/
- LLM endpoint: https://phishdestroy.io/domain/bypayco-be.onl/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bypayco-be.onl/
Last updated: 2026-03-19