# xaistrat.cfd — MALICIOUS

> xaistrat.cfd is linked to a low-risk generic phishing threat. Stay cautious and verify URLs before sharing information. Learn more about this domain now.

## Summary
PhishDestroy identifies xaistrat.cfd as an active domain associated with a low-level generic phishing threat. The risk level is considered low based on current intelligence, but users should remain vigilant as phishing tactics can lead to credential compromise or fraud.

The domain was registered on March 05, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to IP address 172.67.143.41. VirusTotal scanning shows only 1 out of 95 security vendors flagging this domain, indicating limited but present suspicion. The domain's recent creation and registrant details contribute to its risk profile, as newly created domains registered through less commonly used registrars are often linked to malicious campaigns. The low detection count suggests the infrastructure is either newly established or operating at a low profile.

Currently, xaistrat.cfd remains active and should be treated with caution. Users are advised to avoid clicking on unsolicited links or entering sensitive data associated with this domain. Organizations should monitor network traffic for connections to this domain and consider blocking it at the firewall level as a precaution. Continuous monitoring is recommended to detect any escalation in threat activity or changes in detection status.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: XAISTRAT Official Pre-Sale - Get Up to 100% Bonus!

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.143.41
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: lloyd.ns.cloudflare.com wren.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 8 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "Fortinet", "G-Data", "Kaspersky", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc2d7-c2f6-7647-a7a8-641987393316.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/xaistrat.cfd
- Wayback Machine: https://web.archive.org/web/https://xaistrat.cfd
- PhishDestroy: https://phishdestroy.io/domain/xaistrat.cfd/
- LLM endpoint: https://phishdestroy.io/domain/xaistrat.cfd/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xaistrat.cfd/
Last updated: 2026-03-19