66d977a8d8.nxcli.io

Name: URL Security Scans for 66d977a8d8.nxcli.io
Creator: URLert
License: https://www.urlert.com/terms

Potentially Malicious High Traffic Tranco #42,169

This domain is being used to host fraudulent payment pages designed to steal credit card information by impersonating legitimate services like OpenAI's ChatGPT.

Potentially Malicious phishingfraudcredential harvestingmalicious

Community Intelligence

Safe 0% Suspicious 0% Dangerous 0%

0 votes

Safety Recommendation

High Risk Detected: Our security engines have flagged this site for malicious behavior, such as brand impersonation or phishing.

We strongly advise using NordVPN’s Threat Protection to automatically neutralize these threats before they can load on your device.

Try NordVPN Threat Protection Affiliate disclosure: We may earn a commission from purchases.

Investigate a specific URL

Community Discussion

View Discussions

Recent Threat Analysis

URLert analyzed recent scan activity for 66d977a8d8.nxcli.io and found 2 results.

Status	Target URL	Type	Time
Malicious	https://66d977a8d8.nxcli.io/wp-admin/vip/kol/der/web/pay.php		1d ago
Dangerous	https://66d977a8d8.nxcli.io/wp-admin/vip/kol/der/web/pay.php		1d ago

Network Infrastructure

Historical and current IP address mappings for this domain.

IP Address / Infrastructure	Status	Subdomains	Last Seen
199.189.225.220 LIQUIDWEB - Liquid Web, L.L.C (AS32244)	Active	66d977a8d8.nxcli.io	Today

199.189.225.220

LIQUIDWEB - Liquid Web, L.L.C (AS32244)

Active

66d977a8d8.nxcli.io

Seen Today

Security Considerations

While 66d977a8d8.nxcli.io is an established platform, these capabilities require extra vigilance.

Custom Subdomains

66d977a8d8.nxcli.io allows users to create custom addresses like "anything.nxcli.io". An address like "paypal-secure.nxcli.io" may look official but is actually controlled by whoever registered that subdomain—not the domain operator.

Remember: The platform itself is established, but even established platforms can be abused.

Something wrong?

• Domain owner?

Developer API

Integrate Domain Intelligence

Access this classification data programmatically via our API.

GET /api/v1/classify?domain=66d977a8d8.nxcli.io

{
  "domain": "nxcli.io",
  "confidence": "high",
  "category": {
    "purpose": "potentially_malicious",
    "specialization": "Phishing and Fraud"
  },
  "identity": {
    "headline": "Malicious site impersonating OpenAI payment services",
    "summary": "This domain is being used to host fraudulent payment pages designed to steal credit card information by impersonating legitimate services like OpenAI's ChatGPT.",
    "operator": null,
    "parent_entity": null,
    "topics": [
      "phishing",
      "fraud",
      "credential harvesting",
      "malicious"
    ]
  },
  "functions": {
    "is_ugc_platform": false,
    "is_file_host": false,
    "is_url_shortener": false,
    "is_public_idp": false,
    "is_crypto_platform": false,
    "allows_user_subdomains": true,
    "is_form_builder": false,
    "is_document_host": false
  },
  "facts": {
    "registered_date": "2017-12-05T19:38:55Z",
    "rank": 42169,
    "hosting_provider": "LIQUIDWEB - Liquid Web, L.L.C"
  }
}

API Documentation ↗ • View Pricing ↗