# broute.xyz — SUSPICIOUS

> PhishDestroy analyzes broute.xyz, a newly registered domain linked to phishing activities. Learn about its threat status and technical details.

## Summary
PhishDestroy identifies broute.xyz as a domain associated with generic phishing activity. Despite lacking current detections from major security vendors, this domain's recent registration and suspicious attributes warrant caution. It is currently categorized as under investigation to monitor any emerging malicious behavior.

The domain broute.xyz was registered on February 28, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to the IP address 188.114.96.3. VirusTotal scans show no flags from 95 security engines, indicating it may be newly established or operating under the radar. However, the use of a relatively obscure registrar and anonymous hosting infrastructure raises concerns about its intent.

As the domain remains active and under scrutiny, PhishDestroy recommends vigilance and avoidance of any unsolicited communications or links involving broute.xyz. Organizations should update their threat intelligence feeds and consider blocking or sandboxing traffic related to this domain while further analysis is conducted.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: Binance
- Page title: The Best Crypto & Binance Bridge | CrossBridge

## Domain Intelligence
- Registered: 2026-03-06 15:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: blakely.ns.cloudflare.com kobe.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc364-ff06-7649-ae3d-8dc4ec3d1923.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/broute.xyz
- PhishDestroy: https://phishdestroy.io/domain/broute.xyz/
- LLM endpoint: https://phishdestroy.io/domain/broute.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/broute.xyz/
Last updated: 2026-03-19