# site-6224f3e18885.mypreview.site — MALICIOUS

> site-6224f3e18885.mypreview.site is linked to phishing activity with medium risk. Stay cautious and verify before interacting with this domain.

## Summary
PhishDestroy identifies site-6224f3e18885.mypreview.site as a medium-risk phishing domain designed to deceive users. The page title "New Page" suggests minimal legitimate content, common in generic phishing setups.

This domain was registered on August 06, 2018, via Safenames Ltd and resolves to IP 162.159.140.60. VirusTotal flags it by 6 out of 95 security vendors, confirming suspicion of malicious intent. The infrastructure hints at abuse of preview site platforms for phishing.

Currently active, this domain remains a threat to unsuspecting users. PhishDestroy recommends blocking access and monitoring for related phishing campaigns to prevent credential theft or fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: New Page

## Domain Intelligence
- Registered: 2026-03-10 13:07:01
- Registrar: Safenames Ltd
- Country: GB
- IP: 162.159.140.60
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ns-1121.awsdns-12.org", "ns-1579.awsdns-05.co.uk", "ns-41.awsdns-05.com", "dns1.p08.nsone.net", "dns2.p08.nsone.net", "dns3.p08.nsone.net"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 20 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "BitDefender", "Certego", "Chong Lua Dao", "Cluster25", "CRDF", "CyRadar", "DNS8", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "OpenPhish", "Seclookup", "Sophos", "Trustwave", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd7ab-a05d-7327-962f-d7ebb4d1fb5b.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/d049b0bb-b29a-463d-b09d-26d9860dc904
- PhishDestroy: https://phishdestroy.io/domain/site-6224f3e18885.mypreview.site/
- LLM endpoint: https://phishdestroy.io/domain/site-6224f3e18885.mypreview.site/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/site-6224f3e18885.mypreview.site/
Last updated: 2026-03-19