# raydiumnodes.cc — SUSPICIOUS > PhishDestroy identifies raydiumnodes.cc as a Raydium impersonation site flagged by 1 of 95 VirusTotal vendors. ## Summary PhishDestroy identifies the domain raydiumnodes.cc as an active brand impersonation threat targeting Raydium. This domain is currently leveraged for fraudulent purposes, mimicking the legitimate Raydium platform to deceive users into disclosing sensitive credentials or transferring cryptocurrency assets. This domain, created on April 07, 2026, was flagged by 1 of 95 VirusTotal security vendors, indicating limited but confirmed malicious activity. It resolves to the IP address 104.21.21.33 and operates under the registrar OwnRegistrar, Inc., leveraging a Let's Encrypt SSL certificate to enhance its perceived legitimacy. The domain’s recent registration and low detection rate suggest it is a newly deployed threat, likely part of a coordinated impersonation campaign. As of the latest assessment, raydiumnodes.cc remains active and poses an elevated risk to users who may encounter it through phishing emails, social media promotions, or malicious advertisements. To mitigate exposure, users should avoid accessing this domain entirely. Organizations are advised to implement network-level blocking for IP 104.21.21.33 and the domain raydiumnodes.cc. Additionally, users should verify the authenticity of Raydium-related communications by cross-referencing official channels and reporting any suspicious interactions to their security teams. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Raydium ## Domain Intelligence - Registered: 2026-04-07 21:32:48 - Registrar: OwnRegistrar, Inc. - IP: 104.21.21.33 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/raydiumnodes.cc - PhishDestroy: https://phishdestroy.io/domain/raydiumnodes.cc/ - LLM endpoint: https://phishdestroy.io/domain/raydiumnodes.cc/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/raydiumnodes.cc/ Last updated: 2026-04-09