# auranfts.xyz — SUSPICIOUS

> Discover if auranfts.xyz is a safe NFT giveaway site or a crypto drainer. Learn about its risks, technical details, and current status here.

## Summary
PhishDestroy identifies auranfts.xyz as a low-risk crypto drainer domain masquerading as an NFT giveaway platform titled "Aura NFT Giveaway." Classified under crypto-related threats, it aims to trick users into revealing sensitive wallet credentials through purported giveaways.

The domain was registered recently on March 3, 2026, and is hosted at IP 188.114.97.3 via NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal flags 2 out of 95 security vendors for this domain, indicating limited but notable suspicion. Such infrastructure and domain age suggest early-stage activity typical of phishing campaigns targeting cryptocurrency users.

Currently active, auranfts.xyz remains under observation, with no significant mitigations publicly enforced. Users are advised to exercise caution and avoid interacting with this site to prevent potential crypto asset loss. PhishDestroy continues monitoring for updates on its threat evolution and response actions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: Aura NFT Giveaway

## Domain Intelligence
- Registered: 2026-03-09 09:07:01
- Expires: 2027-03-03 00:00:00
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dawn.ns.cloudflare.com titan.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd1b4-e3be-729f-8478-1d01755c7a74.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4f06c020-d9cc-454e-b05c-855e3107544c
- PhishDestroy: https://phishdestroy.io/domain/auranfts.xyz/
- LLM endpoint: https://phishdestroy.io/domain/auranfts.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/auranfts.xyz/
Last updated: 2026-03-19