# y216p.xyz — MALICIOUS

> Discover if y216p.xyz is a credential harvesting scam. 9/95 security vendors flag this phishing domain. Check the full report.

## Summary

PhishDestroy identifies elevated risks associated with the domain y216p.xyz, a known credential harvesting scam actively engaged in fraudulent activities. Operating under a sophisticated guise, this domain mimics legitimate services to deceive users into surrendering sensitive login credentials or personal information. The elevated risk level underscores the immediate threat this domain poses to unsuspecting visitors.

This domain was flagged by 9 out of 95 security vendors on VirusTotal, indicating a high probability of malicious intent. The domain resolves to IP address 45.196.247.25 and benefits from a Let's Encrypt SSL certificate, which may lend it an air of legitimacy to further deceive users. Registered through Gname.com Pte. Ltd., the domain was created on March 29, 2026, suggesting it is a recent addition to the threat landscape. Its active status and the specific use of a Let's Encrypt certificate highlight the sophisticated tactics employed by threat actors to evade detection and exploit user trust. The combination of these factors—high VT detections, recent registration, and the use of a reputable SSL provider—creates a potent threat that demands immediate attention and mitigation.

To mitigate risks associated with credential harvesting scams like y216p.xyz, users should avoid interacting with unknown domains, especially those requesting login credentials. Verify the legitimacy of websites by cross-referencing URLs with trusted sources and checking for HTTPS and valid SSL certificates issued by reputable providers. Organizations should implement web filtering solutions and educate employees on recognizing phishing attempts. If encountering this domain, report it immediately to your IT security team or through dedicated phishing reporting platforms to help prevent further exploitation. Proactive vigilance and adherence to security best practices are critical in combating evolving phishing threats.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2026-03-29 07:42:07
- Registrar: Gname.com Pte. Ltd.
- IP: 45.196.247.25

## Detection Status

- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/domains/y216p.xyz
- PhishDestroy: https://phishdestroy.io/domain/y216p.xyz/
- LLM endpoint: https://phishdestroy.io/domain/y216p.xyz/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/y216p.xyz/

Last updated: 2026-04-07