# airdrop-rcadia.xyz — SUSPICIOUS

> PhishDestroy identifies airdroprcadia.xyz as a malicious domain hosting an Airdrop impersonation scam. 4 of 95 VirusTotal scanners flag this site.

## Summary
PhishDestroy identifies airdroprcadia.xyz as an active brand-impersonation domain targeting the Airdrop ecosystem. The page masquerades as a legitimate airdrop campaign to trick users into connecting crypto wallets or submitting credentials. No evidence of a drainer kit payload was observed in open-source feeds, but the lure is sufficient to deceive users unfamiliar with the campaign.    airdroprcadia.xyz was registered on 2026-02-15 via NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to IPv4 188.114.97.3. Google Safe Browsing does not currently flag the domain, yet 4 of 95 VirusTotal scanners already detect malicious content as of the latest scan. Creation date and VT score are current indicators for SOC teams prioritizing takedowns and blocklists.    The site remains online with elevated risk due to the low VirusTotal detection rate and short domain age. Users should block 188.114.97.3 and the domain at DNS and network layers. Report the page to Google Safe Browsing and your threat-intel provider to accelerate remediation. Remaining risk stems from potential future payload updates, so continuous monitoring is advised.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Airdrop Scam

## Domain Intelligence
- Registered: 2026-02-15 23:39:48
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b590254a-a209-4c56-9819-6ccfc616da23
- PhishDestroy: https://phishdestroy.io/domain/airdrop-rcadia.xyz/
- LLM endpoint: https://phishdestroy.io/domain/airdrop-rcadia.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop-rcadia.xyz/
Last updated: 2026-03-27