# bs2site2at.net — SUSPICIOUS

> bs2site2at.net is a fake login page distributing a crypto drainer. Created June 7, 2024, it has 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies bs2site2at.net as an active, generic phishing domain designed to harvest user credentials under investigation. This domain resolves to IP address 188.114.97.3 and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on June 07, 2024. The site currently carries an SSL certificate issued by Google Trust Services, which may falsely enhance user trust. Notably, VirusTotal currently shows 0 detections out of 95 engines scanning the domain, indicating it has not yet been widely flagged despite its active threat activity.  

This domain represents a credential theft risk, likely operating as a fake login portal to capture sensitive user inputs such as usernames, passwords, or financial data. The absence of detections on VirusTotal—despite clear malicious intent—demonstrates how rapidly new phishing domains can evade initial detection systems. The use of a seemingly legitimate SSL certificate further underscores the sophisticated tactics employed by threat actors to deceive users into believing the site is trustworthy.  

If you visited bs2site2at.net or entered any information, immediately change your passwords and enable two-factor authentication on all linked accounts. Scan your devices for malware using reputable security software and monitor financial accounts for unauthorized transactions. Report the domain to PhishDestroy for further analysis and share any captured screenshots or URLs. Do not interact further with this domain to prevent potential credential loss or malware infection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-06-07 12:11:47
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a7135c3d-1a98-45dc-8ab3-ddcff7bbbe98
- PhishDestroy: https://phishdestroy.io/domain/bs2site2at.net/
- LLM endpoint: https://phishdestroy.io/domain/bs2site2at.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bs2site2at.net/
Last updated: 2026-03-27