Prerequisites

• This is NOT a YouTube, Facebook, Twitch or a shortener/hosting site report. These sites MUST be reported by clicking their respective links.
• I read and understand the policy about what is a valid filter issue.
• I verified that this issue is not a duplicate. (Use this button to find out.). Comment in the old issue threads even when they are closed or even if you have a different problem.
• I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
• I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
• I have disabled the Developer mode in uBO Lite's settings and the issue still persists.
• I have verified that the issue still exists after using the Optimal or Complete filtering mode.
• I have verified that the web browser's built-in content blocker/tracking protection, network wide/DNS blocking, or my VPN is not causing the issue.
• I have turned off all other extensions and the issue still persists.
• If this is about a breakage or detection, I have verified that it is caused by uBO Lite and isn't a site or browser issue.
• I have verified that the browser I am using is up to date with no pending updates.
• I did not answer truthfully to ALL the above checkboxes.

URL address of the web page

https://y-comblnator.com/apply

Category

badware

Description

Bad URL: https://y-comblnator com/apply
Domain: https://y-comblnator com/

Reason for report:
This domain impersonates the legitimate Y Combinator site by replacing the “i” with an “l” in the URL to trick users. The site engages in spammy behavior, including mass pings and unsolicited issues on GitHub: ycombin/ator#17.
(https://web.archive.org/web/20250923205627/https://github.com/ycombin/ator/issues/17)

Impersonation details:
• Misleading name and branding to appear as official Y Combinator communications.
• Promises $100M investment for a non-existent W2026 program.
• Asks users to verify wallets and make a refundable deposit, which is not part of YC’s official process.

Impact:
• Users may be tricked into providing sensitive information or making payments.
• Spam and unwanted notifications on GitHub repositories can disrupt legitimate developer activity.

Recommendation:
This domain should be flagged and blocked by security filters, domain registrars, and Safe Browsing services. Users should only apply via the official Y Combinator site: https://www.ycombinator com/apply.

Additional notes:
• Official YC communications do not request wallet verification or deposits.
• This domain could potentially be used for phishing or financial scams.
• GitHub contributors should report spam activity via GitHub’s abuse reporting system.
• Security teams should monitor for similar “lookalike” domains that attempt to exploit brand trust.

Browser name and version

Safari iOS 26

Other extensions used

N/A

Country

No response

Screenshot(s)

Screenshot(s)

Configuration

name: uBlock Origin Lite
version: 2025.911.1335
browser: Safari Mobile 604 (ios)
filtering:
 site: complete
 default: complete
rulesets:
 deu-0
 annoyances-others
 annoyances-social
 ublock-badware
 adguard-mobile
 annoyances-overlays
 ublock-filters
 block-lan
 annoyances-cookies
 annoyances-notifications
 easylist
 pgl
 easyprivacy