# bter.io — SUSPICIOUS

> Avoid bter.io due to medium-risk phishing threats. The domain is offline but previously posed security risks. Stay vigilant and protect your data.

## Summary
PhishDestroy identifies bter.io as a medium-risk generic phishing domain that posed potential threats to users by attempting to collect sensitive information. Such phishing domains are critical to monitor because they can lead to credential theft, financial loss, and broader cybercrime impacts.

The domain bter.io was registered recently on March 3, 2026, through NiceNIC International Group Co., Limited. Although currently taken offline, it was flagged by 3 out of 95 security vendors on VirusTotal and appears on one security blocklist. The domain resolved to IP address 172.67.222.127, and its Gridinsoft trust score was notably low at 1 out of 100, indicating poor reputation and high suspicion.

Users are advised to avoid visiting bter.io or interacting with any communications related to it. Maintain updated security software and scrutinize unsolicited messages that may direct to suspicious domains. For ongoing protection, rely on trusted sources and tools like PhishDestroy to stay informed about emerging phishing threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Buy

## Domain Intelligence
- Registered: 2026-03-03 19:07:02
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.222.127
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: keanu.ns.cloudflare.com zita.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar", "URLQuery"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb4b8-d380-7039-ae04-7e7c862d659c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/6def92a5-f0d5-4d99-bb86-cdcb5be080db
- Wayback Machine: https://web.archive.org/web/https://bter.io
- PhishDestroy: https://phishdestroy.io/domain/bter.io/
- LLM endpoint: https://phishdestroy.io/domain/bter.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bter.io/
Last updated: 2026-03-19