# qadden.icu — MALICIOUS

> qadden.icu is under investigation for phishing activity. Exercise caution and avoid sharing personal info on this domain until further notice.

## Summary
PhishDestroy identifies qadden.icu as an active domain exhibiting characteristics of generic phishing threats. The overall risk level is currently under investigation due to lack of direct detections but suspicious contextual factors raise concern for potential malicious activity.

The domain qadden.icu was created recently on March 4, 2026, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar sometimes associated with transient or suspicious domains. It resolves to IP address 188.114.96.3. Despite extensive scanning, VirusTotal currently shows zero detections from any of its 95 security vendors, which suggests the domain is either very new or intentionally low profile. However, this absence of flags combined with the fresh registration and generic phishing classification warrants careful monitoring.

Users should avoid interacting with qadden.icu or submitting any sensitive information until more conclusive evidence clarifies its intent. PhishDestroy recommends continuous observation of emerging intelligence and leveraging domain blocklists and network defenses to mitigate potential exposure. The domain remains active, and vigilance is essential as investigations proceed.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Qadden - Worldwide Decentralized Marketplace

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["hazel.ns.cloudflare.com", "randall.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc2d7-c106-707f-9085-f54c935c6f31.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/qadden.icu
- Wayback Machine: https://web.archive.org/web/https://qadden.icu
- PhishDestroy: https://phishdestroy.io/domain/qadden.icu/
- LLM endpoint: https://phishdestroy.io/domain/qadden.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/qadden.icu/
Last updated: 2026-03-19