# airdrop-superfortune.xyz — MALICIOUS

> Stay safe from crypto theft. Avoid airdrop-superfortune.xyz and never share your wallet info. If visited, secure your accounts immediately.

## Summary
PhishDestroy identifies airdrop-superfortune.xyz as a medium-risk crypto drainer domain designed to steal users' cryptocurrency assets. Although this domain is currently offline, it was detected hosting deceptive content under the banner "SUPERFORTUNE" to lure victims into compromising their digital wallets. Users should understand that interacting with such sites can lead to irreversible loss of funds.

airdrop-superfortune.xyz operated by masquerading as a legitimate cryptocurrency airdrop or reward platform. Victims were typically enticed to connect their wallets or provide private keys and sensitive credentials, which attackers then exploited to drain funds. The domain was registered through NameCheap, Inc. and flagged on multiple security blocklists, with several security vendors identifying malicious activity. Its IP resolution to 64.29.17.65 and its creation date in late 2025 helped analysts track its deceptive operations.

If you have visited airdrop-superfortune.xyz, it is critical to immediately disconnect any linked wallets and change associated passwords. Users should review all recent transactions for suspicious activity and consider moving assets to new wallets with enhanced security measures. Employing trusted security software and enabling multi-factor authentication can help mitigate risks. Awareness and prompt action remain essential to avoid falling victim to crypto draining schemes like those linked to this domain.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Scam type: Airdrop Scam
- Page title: SUPERFORTUNE

## Domain Intelligence
- Registered: 2025-11-28 11:48:40
- Registrar: NameCheap, Inc.
- Country: US
- IP: 64.29.17.65
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: ns1.vercel-dns.com ns2.vercel-dns.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["CyRadar", "Ermes", "Gridinsoft", "Seclookup", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ad38b-69ef-7498-b472-426d1571d59a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/bec344c6-dbba-4e2c-8492-65b633beb3d2
- PhishDestroy: https://phishdestroy.io/domain/airdrop-superfortune.xyz/
- LLM endpoint: https://phishdestroy.io/domain/airdrop-superfortune.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop-superfortune.xyz/
Last updated: 2026-03-19