# upgrade.yx7680.com — MALICIOUS

> upgrade.yx7680.com is linked to suspected phishing activity and is currently offline. Avoid interacting with this domain to protect your data.

## Summary
PhishDestroy identifies upgrade.yx7680.com as a medium-risk phishing domain designed to deceive users and capture sensitive information. Phishing threats like this pose significant risks, including identity theft and financial loss, making awareness crucial for internet users.

This domain, created on March 11, 2026, was registered via Gname.com Pte. Ltd. It resolved to IP address 172.67.186.231 and was flagged by 9 out of 95 security vendors on VirusTotal. The domain appeared on one security blocklist and has since been taken offline after being detected as a potential phishing site, as indicated by its Cloudflare page title.

Users should remain cautious and avoid visiting upgrade.yx7680.com or entering any personal details if prompted. Employing updated security solutions and staying informed about emerging phishing tactics can help mitigate risks. If you encounter suspicious emails or links related to this domain, report them to your security team or relevant authorities immediately.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-11 17:07:02
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 172.67.186.231
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["frank.ns.cloudflare.com", "kara.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 9 vendors flagged
  Vendors: ["ADMINUSLabs", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "G-Data", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce201-7e1f-7264-92bc-752c272bc29a.png
- PhishDestroy: https://phishdestroy.io/domain/upgrade.yx7680.com/
- LLM endpoint: https://phishdestroy.io/domain/upgrade.yx7680.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/upgrade.yx7680.com/
Last updated: 2026-03-19