# phuttuta.live — SUSPICIOUS

> phuttuta.live is an active brand impersonation threat targeting Raydium users. Verify domain safety with VirusTotal and PhishDestroy now.

## Summary
PhishDestroy identifies phuttuta.live as an elevated risk domain engaging in brand impersonation, specifically targeting the cryptocurrency platform Raydium. The domain mimics Raydium's branding and interface to deceive users, posing a significant threat of credential theft or crypto asset compromise.

Technical analysis reveals that phuttuta.live was created recently on April 03, 2026, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to the IP address 188.114.96.3 and uses a Let's Encrypt SSL certificate, which may lend it an appearance of legitimacy. VirusTotal flags this domain with 2 out of 95 security vendors detecting malicious activity. The domain’s page title, "Swap Raydium," directly references the targeted brand, reinforcing its intent to impersonate. Despite the relatively low VirusTotal detection ratio, the combination of new registration, brand targeting, and active status elevates the risk level significantly.

To mitigate risks associated with this domain, users should avoid interacting with phuttuta.live or submitting any credentials or private keys. Always verify URLs directly via official Raydium channels or trusted sources. Employ browser security extensions that flag known impersonation sites and regularly check domain reputations using VirusTotal and PhishDestroy. Organizations should consider blocking this domain at network levels and educating users about the dangers of brand impersonation scams in the crypto space.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Raydium
- Page title: Swap Raydium

## Domain Intelligence
- Registered: 2026-04-03 20:39:29
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/phuttuta.live
- PhishDestroy: https://phishdestroy.io/domain/phuttuta.live/
- LLM endpoint: https://phishdestroy.io/domain/phuttuta.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/phuttuta.live/
Last updated: 2026-04-11