# whatsapapp.hl.cn — MALICIOUS > whatsapapp.hl.cn is a live brand impersonation phishing domain flagged by 14/95 VirusTotal scanners. Disguised as WhatsApp, it harvests credentials to drain. ## Summary PhishDestroy identifies whatsapapp.hl.cn as an active brand impersonation phishing domain targeting users of WhatsApp. The domain poses as the legitimate WhatsApp service to deceive victims into entering login credentials, which are then harvested for account takeover and potential crypto-draining activities. Risk level is elevated due to operational hosting and partial detection. This domain was flagged by 14 out of 95 VirusTotal security vendors, indicating partial detection but not universal coverage. It was registered through 万商云集(成都)科技股份有限公司 and resolves to IP 168.76.145.208. The domain was created on March 26, 2026, and utilizes a Let's Encrypt SSL certificate for perceived legitimacy. No additional blocklist data was provided, but the combination of low age, high-risk hosting, and partial detection warrants heightened concern. To mitigate exposure, organizations and individuals should block whatsapapp.hl.cn at the network and DNS levels immediately. Users should avoid accessing the domain and verify all URLs before entering credentials. Security teams should monitor for traffic to 168.76.145.208. If credential theft is suspected, force password resets and enable multi-factor authentication on WhatsApp accounts. Report the domain to hosting providers and security vendors for takedown and signature updates. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-26 22:20:01 - Registrar: 万商云集(成都)科技股份有限公司 - IP: 168.76.145.208 ## Detection Status - VirusTotal: 14 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/562e6728-04e7-4c54-b968-2069ab0df3c1 - PhishDestroy: https://phishdestroy.io/domain/whatsapapp.hl.cn/ - LLM endpoint: https://phishdestroy.io/domain/whatsapapp.hl.cn/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/whatsapapp.hl.cn/ Last updated: 2026-03-30