# racer-airdrop.info — MALICIOUS

> racer-airdrop.info is a high-risk crypto drainer domain flagged by multiple blocklists and security tools. Avoid any interaction and stay safe.

## Summary
PhishDestroy identifies racer-airdrop.info as a high-risk threat categorized under crypto drainer activities. This domain aimed to illicitly capture cryptocurrency assets by deceiving users, putting digital wallets at serious risk.

Supporting evidence reveals that racer-airdrop.info was taken offline after being detected on three security blocklists and flagged by 14 out of 95 antivirus engines on VirusTotal. The domain, created on February 21, 2026, was registered via NiceNIC International Group Co., Limited and resolved to IP 172.67.128.21. The page titled "RACER" likely played a role in the malicious scheme to lure victims.

Currently offline, this domain no longer poses an active threat. Users should remain vigilant by avoiding suspicious crypto airdrop sites and verifying domain reputations before engagement. PhishDestroy recommends continuous monitoring of similar domains to prevent exposure to crypto drainers and other financial cyber threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Scam type: Airdrop Scam
- Page title: RACER

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.128.21
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["annabel.ns.cloudflare.com", "bryce.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "SOCRadar", "Sophos", "Trustwave", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c0326-9011-7692-989f-daaee11d56e9.png
- PhishDestroy: https://phishdestroy.io/domain/racer-airdrop.info/
- LLM endpoint: https://phishdestroy.io/domain/racer-airdrop.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/racer-airdrop.info/
Last updated: 2026-03-19