# e136r.xyz — MALICIOUS

> Discover why e136r.xyz is flagged as high-risk phishing. Learn about its threats, technical details, and how to protect yourself from this active domain.

## Summary
PhishDestroy identifies e136r.xyz as a high-risk generic phishing domain. Created recently on February 22, 2026, this domain exhibits characteristics commonly associated with phishing campaigns designed to deceive users into divulging sensitive information. The domain’s nature classifies it as a significant threat to individuals and organizations that may encounter it through malicious links or deceptive communications.

The domain e136r.xyz resolves to the IP address 45.196.247.27 and is registered through Gname.com Pte. Ltd., a registrar sometimes linked to fraudulent registrations. VirusTotal analysis reveals that 21 out of 95 security engines flag this domain, indicating a strong consensus among threat detection systems about its malicious intent. The domain’s infrastructure and registration details align with typical phishing tactics, including recent creation and usage of less common TLDs, which can help attackers evade early detection.

Currently, e136r.xyz remains active and continues to pose a threat. PhishDestroy recommends immediate blocking of this domain in corporate and personal security layers to prevent exposure. Users should avoid interacting with unsolicited emails or messages containing links to e136r.xyz and report any suspicious activity. Continuous monitoring and updating of threat intelligence feeds are essential to mitigate risks from evolving phishing infrastructures like this one.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: welcome-BET365

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 45.196.247.27
- IP Country: HK
- IP City: Hong Kong
- IP Org: AS140224 Nebula Global LLC
- Nameservers: ns1.1111343.com ns1.dnsbm.com ns2.1111343.com ns2.dnsbm.com ns3.1111343.com ns4.1111343.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 20 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "Cluster25", "CRDF", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "OpenPhish", "SOCRadar", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/5WMFQP9c/90b38ec7babb.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f7a5c25a-a331-4e73-8234-7d93e8f343d1
- PhishDestroy: https://phishdestroy.io/domain/e136r.xyz/
- LLM endpoint: https://phishdestroy.io/domain/e136r.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/e136r.xyz/
Last updated: 2026-03-19