# yetibegen.com — SUSPICIOUS

> yetibegen.com has been flagged for phishing risks and is currently offline. Avoid interaction to protect your credentials and data.

## Summary
PhishDestroy identifies yetibegen.com as a medium-risk phishing domain targeting generic victims. The nature of the threat is generic phishing, aimed at deceiving users into divulging sensitive information through fraudulent means. This classification suggests a moderate threat level that warrants caution.

Supporting evidence includes the domain's creation date of February 21, 2026, its registration through NiceNIC International Group Co., Limited, and its resolution to IP address 104.21.95.77. The domain appeared on two security blocklists and was flagged by 4 out of 95 security vendors on VirusTotal, confirming its suspicious behavior. The page title "$YETI" may indicate attempts to lure users with cryptocurrency or token-related themes, a common phishing tactic.

Currently, yetibegen.com has been taken offline, reducing immediate risk to users. PhishDestroy recommends avoiding any interaction with this domain and monitoring accounts for unusual activity if contacted via related links. Users should ensure their security tools are up to date and report suspicious communications referencing this domain to help prevent credential compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: $YETI

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.95.77
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["keira.ns.cloudflare.com", "renan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["alphaMountain.ai", "Fortinet", "G-Data", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019939b1-ba23-7378-b742-bae7b30f3749.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4e94c0c0-e604-4dbb-9ce2-5fdf99d0ab8b
- PhishDestroy: https://phishdestroy.io/domain/yetibegen.com/
- LLM endpoint: https://phishdestroy.io/domain/yetibegen.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/yetibegen.com/
Last updated: 2026-03-19