bxnzhwytdfmkqrwtgdfvczdsxwmchgtfgfynxcdzvswqgbd.rest
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of bxnzhwytdfmkqrwtgdfvczdsxwmchgtfgfynxcdzvswqgbd.rest
This domain appears to host a deceptive page styled to resemble a Microsoft support or Windows security interface. Based on the screenshot and page title, the site presents fake security alerts, warning dialogs, and a phone number framed as "Windows Support," which is a common pattern used in tech-support scam and credential-harvesting campaigns.
The domain name itself is a long, random-looking string under the .rest top-level domain, which does not appear consistent with an official Microsoft-operated support property. The content shown suggests the page may be designed to pressure visitors into calling a support number or interacting with misleading pop-ups while imitating a trusted technology brand.
Safety Assessment for bxnzhwytdfmkqrwtgdfvczdsxwmchgtfgfynxcdzvswqgbd.rest
Multiple scan signals indicate elevated risk at the time of this scan. The domain was flagged by 16 out of 91 security engines, with many classifying it as phishing or otherwise malicious. In addition, a malware scan reported malicious findings on 2 of 3 scanned files and identified a flagged external script reference. The domain is also listed by a major threat database for social-engineering activity, which is a strong indicator of abusive behavior.
The page content adds further concern. The screenshot shows a fake Microsoft-themed support page with alarming security messages, repeated prompts, and a phone number presented as technical support. The domain is only 4 days old, has no established traffic ranking, and its random-looking hostname does not match the brand it visually imitates. The domain's IP address is also listed on one mail-reputation blocklist, which is a weaker signal on its own but still worth noting.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate that, at the time of this scan, was set to expire on 2026-09-24. It appears to be served by an Apache web server on IP address 66.116.209.111, hosted by Oracle Corporation in Phoenix, United States. The domain uses BigRock nameservers and its DNSSEC status is unsigned.
From a security perspective, the presence of a valid TLS certificate does not reduce the phishing concerns raised by the content and scan results. Additional technical caution points include the very recent registration date, the unsigned DNSSEC configuration, and the reported loading of a flagged external resource associated with malicious behavior.
Share your experience with this website. Was it safe? Did you encounter any issues?