# t50a.xyz — MALICIOUS

> The domain t50a[.]xyz has been identified as a cryptocurrency phishing site. This malicious website targets Web3 users, attempting to steal wallet credentials and digital assets. PhishDestroy detected 4 risk indicators. View the full threat analysis.

## Summary
Threat Overview
The domain t50a[.]xyz has been identified as a cryptocurrency phishing website. This malicious site targets Web3 users by mimicking legitimate crypto platforms to steal wallet credentials and digital assets.
Attack Analysis
Phishing sites in the cryptocurrency space commonly employ wallet-draining techniques, fake token approval requests, and seed phrase harvesting to steal digital assets from unsuspecting victims.
Risk Indicators

- Domain registered on xyz TLD
- Contains cryptocurrency-related keywords
- Domain length: 8 characters
- Uses a TLD frequently associated with malicious domains
- Contains numbers in the domain name, often seen in phishing
- Vt Detected
- Drainer Detected

Protection Tips
Always verify URLs before connecting your wallet. Use bookmarks for frequently visited crypto platforms. Enable transaction simulation tools to preview what you're signing.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)

## Domain Intelligence
- Registered: 2026-03-14 09:29:00
- Registrar: Gname.com Pte. Ltd.
- IP: 103.233.249.125
- Nameservers: ns1.1111343.com ns1.dnsbm.com ns2.1111343.com ns2.dnsbm.com ns3.1111343.com ns4.1111343.com

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["ADMINUSLabs", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "LevelBlue", "Netcraft", "OpenPhish", "Seclookup", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Live Page Content

### Page Text
welcome-BET365

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cf183-58da-72b5-8eee-ae49998cb036.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f0eeac87-48c0-42a9-a01b-9d5e590987ff
- PhishDestroy: https://phishdestroy.io/domain/t50a.xyz/
- LLM endpoint: https://phishdestroy.io/domain/t50a.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/t50a.xyz/
Last updated: 2026-03-16