# benqi.cc — SUSPICIOUS

> benqi.cc shows signs of low-risk phishing activity but is currently offline. Learn about its safety status and recommended precautions here.

## Summary
PhishDestroy identifies benqi.cc as a domain associated with generic phishing threats, though currently assessed at a low-risk level. This classification suggests the domain was used in phishing attempts aimed at deceiving users into divulging sensitive information. Despite its threat nature, the low risk indicates limited activity or impact, but users should remain vigilant when encountering communications referencing this domain.

Technical analysis reveals that benqi.cc was registered on February 21, 2026, through a dead domain registrar, which often indicates a lack of ongoing management or legitimacy. The domain appeared on three separate security blocklists, signaling prior detection by security entities monitoring malicious infrastructure. VirusTotal scanning flagged benqi.cc by 2 out of 95 vendors, reflecting some recognition of suspicious behavior but not widespread consensus. These data points suggest the domain was part of a transient phishing campaign or a setup that did not gain significant traction.

Currently, benqi.cc is offline and no longer actively serving content, reducing immediate risks to users. However, given its phishing history, PhishDestroy recommends continued monitoring of any links or references to benqi.cc in emails or websites. Organizations should ensure their security filters include this domain to prevent potential future threats if it re-emerges. Users are advised to avoid interacting with any past communications related to benqi.cc and maintain standard anti-phishing best practices.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)
- Page title: Benqi

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 37.27.135.61
- IP Country: FI
- IP City: Helsinki
- IP Org: AS24940 Hetzner Online GmbH
- Nameservers: ["3-get.njalla.fo", "1-you.njalla.no", "2-can.njalla.in"]
- SSL Issuer: R12

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["alphaMountain.ai", "Forcepoint ThreatSeeker"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199106a-8e43-770c-9ea2-525b703caba7.png
- PhishDestroy: https://phishdestroy.io/domain/benqi.cc/
- LLM endpoint: https://phishdestroy.io/domain/benqi.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/benqi.cc/
Last updated: 2026-03-18