# bkxbkx6.sbs — SUSPICIOUS > PhishDestroy identifies bkxbkx6.sbs as an active credential harvesting phishing domain. Resolves to 23.248.202.13, created March 17, 2026. Check the full report. ## Summary PhishDestroy identifies bkxbkx6.sbs as an active credential harvesting phishing domain posing as a legitimate login portal. This site mimics trusted login pages to trick users into entering usernames, passwords, or other sensitive details. The threat is designed to harvest credentials for unauthorized access to accounts, financial data, or corporate networks. Unsuspecting visitors risk direct account compromise, financial loss, or identity theft if they submit credentials. The site’s deceptive appearance relies on urgency, branding impersonation, or fake error messages to prompt hasty submissions. Users should treat this domain with extreme caution and avoid interacting with it entirely. This domain was flagged by PhishDestroy during real-time monitoring of active phishing infrastructure. bkxbkx6.sbs resolves to IP address 23.248.202.13 and uses a valid SSL certificate issued by Let’s Encrypt, which may lend false credibility to visitors. The domain was registered through Dynadot LLC on March 17, 2026, indicating recent deployment as part of a fast-moving campaign. As of the latest scan, VirusTotal shows 0 detections out of 95 security engines, meaning most antivirus tools have not yet flagged it. This low detection rate suggests the campaign is either new or using evasion techniques to bypass initial scanning. The combination of recent registration, low detection, and active hosting points to a high-risk, emerging threat. If you visited bkxbkx6.sbs, do not enter any credentials, personal information, or payment details. Close the browser immediately and clear your browsing data if you suspect interaction. Reset passwords for any accounts you may have accessed through this domain, especially if you reused passwords. Use strong, unique passwords and enable two-factor authentication where possible. Report the domain to your security team or platform provider (e.g., Google Safe Browsing, PhishTank) to help block future access. Monitor accounts closely for unauthorized activity. Consider using a password manager that flags known phishing sites to prevent future exposure. Stay vigilant: new phishing domains emerge daily, and even legitimate-looking sites can be traps. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-17 14:25:35 - Registrar: Dynadot LLC - IP: 23.248.202.13 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/1b508dd0-5faf-414d-aea0-3d24e7f50bd6 - PhishDestroy: https://phishdestroy.io/domain/bkxbkx6.sbs/ - LLM endpoint: https://phishdestroy.io/domain/bkxbkx6.sbs/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bkxbkx6.sbs/ Last updated: 2026-03-23