# buytrx.us — SUSPICIOUS

> buytrx.us is linked to credential theft with 0/95 VirusTotal detections. Active domain, created 2026-03-16. Exercise caution and avoid interaction.

## Summary
PhishDestroy identifies buytrx.us as a credential theft threat domain. The site appears to be designed to harvest user credentials rather than targeting a specific brand or leveraging a known crypto drainer kit. No direct association with popular brands has been detected, indicating a generic credential harvesting scheme.

Technical analysis reveals that buytrx.us currently has a VirusTotal detection score of 0 out of 95, meaning it has not yet been flagged by common antivirus engines. The domain was registered on March 16, 2026, through TLD Registrar Solutions Ltd. It resolves to the IP address 172.67.183.146 and uses a Let's Encrypt SSL certificate. There is no indication that Google Safe Browsing has listed this domain, and it is not currently on major blocklists, adding to the challenge of immediate detection.

The domain status remains active and is under investigation due to the potential risk it poses in credential theft. Despite the lack of detections on VirusTotal, users should exercise caution and avoid providing sensitive information on this site. Security teams are advised to monitor this domain closely and consider proactive blocking until further evidence clarifies the threat level.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-16 11:22:52
- Registrar: TLD Registrar Solutions Ltd.
- IP: 172.67.183.146

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a2e0411c-2edd-45ed-864f-c36c54ff7048
- PhishDestroy: https://phishdestroy.io/domain/buytrx.us/
- LLM endpoint: https://phishdestroy.io/domain/buytrx.us/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/buytrx.us/
Last updated: 2026-03-24