# p210h.xyz — MALICIOUS

> PhishDestroy identifies p210h.xyz as a high-risk fake login credential harvesting domain flagged by 22 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies p210h.xyz as a high-risk generic phishing domain currently active in the wild. This domain is designed to deceive users into surrendering sensitive login credentials under false pretenses. No specific brand impersonation has been confirmed at this time, but the domain’s infrastructure is optimized for credential theft.

This domain was flagged by 22 of 95 VirusTotal security vendors and is currently blocked by Google Safe Browsing under the SOCIAL_ENGINEERING classification. It was registered through Gname.com Pte. Ltd., resolves to IP 103.233.249.125, and holds a valid Let’s Encrypt SSL certificate. The domain was created on March 16, 2026, indicating recent deployment in support of active campaigns.

The current status of p210h.xyz is active and high-risk, with multiple security platforms detecting its malicious intent. Users should immediately cease all interactions with this domain and avoid entering any credentials or personal information. Network defenders are advised to block the domain at DNS and firewall levels and inspect traffic for connections to IP 103.233.249.125. Administrators should also review logs for prior access and proactively warn users. Immediate takedown of this domain is strongly recommended due to its freshly registered status and high detection rate.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-16 10:42:45
- Registrar: Gname.com Pte. Ltd.
- IP: 103.233.249.125

## Detection Status
- VirusTotal: 22 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2125c296-1eff-4f05-920d-c69f765e21c0
- PhishDestroy: https://phishdestroy.io/domain/p210h.xyz/
- LLM endpoint: https://phishdestroy.io/domain/p210h.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/p210h.xyz/
Last updated: 2026-03-21