# xcvsdttur.sbs — MALICIOUS

> xcvsdttur.sbs is flagged for phishing risks. Avoid sharing personal info and ensure your security by not visiting this domain.

## Summary
PhishDestroy identifies xcvsdttur.sbs as a medium-risk phishing domain that could compromise personal data. Such sites trick users into revealing sensitive information by masquerading as legitimate services.

This phishing operation attempts to deceive visitors through fake interfaces or prompts, aiming to steal login credentials or financial details. Although the domain is currently offline, it was previously flagged and blocked by security systems.

If a user has visited xcvsdttur.sbs, they should immediately change any passwords entered and monitor accounts for suspicious activity. Using security software and staying vigilant against unsolicited links helps reduce future risks.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: GOMBLE Airdrop

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dead domain
- IP: 104.21.40.88
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: ["alphaMountain.ai", "CRDF", "CyRadar", "Fortinet", "SOCRadar", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198762f-2d1f-710c-a267-1e72e830bcb1.png
- PhishDestroy: https://phishdestroy.io/domain/xcvsdttur.sbs/
- LLM endpoint: https://phishdestroy.io/domain/xcvsdttur.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xcvsdttur.sbs/
Last updated: 2026-03-17