# bottomkeha.digital — MALICIOUS

> BottomKeha.digital is a dangerous phishing site flagged for social engineering. Avoid it to protect your personal data and finances.

## Summary
PhishDestroy identifies bottomkeha.digital as a high-risk phishing domain designed to deceive users into revealing sensitive information. The site, known as TwisProfit, was flagged for social engineering tactics and has been taken offline due to its malicious activity.

This phishing operation tricks visitors by mimicking legitimate financial platforms or services, aiming to steal login credentials, personal details, or financial data. It is part of a broader network flagged on multiple blocklists and threat intelligence sources, indicating a coordinated scam effort.

If you visited bottomkeha.digital, immediately change any passwords you entered and monitor your financial accounts for suspicious activity. Avoid clicking links from unknown sources and use trusted security software to scan your devices regularly.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: TwisProfit

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2026-09-18 00:00:00
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: eoin.ns.cloudflare.com gene.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 20 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "Chong Lua Dao", "Cluster25", "CRDF", "CyRadar", "DNS8", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bd2e8-2dd5-740b-8355-1907b2836479.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/5d5eda76-e8b5-46d7-8842-c74adc073ada
- PhishDestroy: https://phishdestroy.io/domain/bottomkeha.digital/
- LLM endpoint: https://phishdestroy.io/domain/bottomkeha.digital/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bottomkeha.digital/
Last updated: 2026-03-19