# raydiuim.cc — MALICIOUS

> Warning: raydiuim.cc impersonates Raydium brand. The domain is offline but remains blocked by security vendors. Avoid interaction to stay safe.

## Summary
PhishDestroy identifies raydiuim.cc as a medium-risk brand impersonation domain targeting the Raydium cryptocurrency platform. The domain was registered on March 4, 2026, and presented itself using the legitimate brand name "Raydium" in its page title to deceive users. Its primary threat lies in misleading users into believing they are accessing the official Raydium service, which could facilitate phishing or fraud attempts.

Technically, raydiuim.cc resolved to IP address 188.114.96.3 and was registered through Global Domain Group LLC. The domain appeared on 3 separate security blocklists, and VirusTotal analysis flagged it as suspicious by 5 out of 95 security vendors. These detections indicate some level of malicious activity or potential risk associated with the domain’s infrastructure. The domain’s deceptive use of the Raydium brand name further reinforces its intent to impersonate and mislead.

Currently, raydiuim.cc is offline, mitigating immediate risk to users. However, the domain’s history and blocklisting status warrant continued monitoring. Users and organizations should avoid interacting with this domain and ensure that security systems are updated to block it. Brand owners like Raydium are advised to keep watch for similar impersonation attempts and consider legal or technical actions to protect their brand integrity.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Raydium
- Page title: Raydium

## Domain Intelligence
- Registered: 2026-03-04 13:07:01
- Registrar: Global Domain Group LLC
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ali.ns.cloudflare.com", "piers.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "Netcraft", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/hJXdK7jL/78aff01696ea.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/d05e6374-f221-450f-bb4f-72064e738f85
- Wayback Machine: https://web.archive.org/web/https://raydiuim.cc
- PhishDestroy: https://phishdestroy.io/domain/raydiuim.cc/
- LLM endpoint: https://phishdestroy.io/domain/raydiuim.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/raydiuim.cc/
Last updated: 2026-03-19