# serverraffle.com — SUSPICIOUS

> serverraffle.com is a fraudulent XRP raffle airdrop site that steals cryptocurrency. The domain was created in February 2026 and has been blocked by MetaMask.

## Summary
The domain serverraffle.com is a generic phishing threat targeting cryptocurrency users through a fake XRP raffle airdrop promotion. No specific drainer kit or brand impersonation was identified in the available intelligence.

Technical indicators show 2/95 VirusTotal security vendors flagged this domain. It was registered through NiceNIC International Group Co., Limited on February 21, 2026, and resolves to IP 64.29.17.65. The domain appears on 2 security blocklists, including PhishDestroy and MetaMask. No Google Safe Browsing status, OTX pulses, or specific technologies were detected in the provided data.

The domain is currently offline and has been taken down. Response actions included blocking by security services. While offline, the remaining risk is minimal, but users should remain cautious of similar fraudulent cryptocurrency promotions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Scam type: Airdrop Scam
- Page title: XRP Raffle Airdrop

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2026-10-10 00:00:00
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 64.29.17.65
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: ns1.vercel-dns.com ns2.vercel-dns.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Fortinet", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c551f-0280-710d-b54b-07c7662edbb2.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/394621ff-2652-4136-ae5b-27c289aa93ab
- Wayback Machine: https://web.archive.org/web/https://serverraffle.com
- PhishDestroy: https://phishdestroy.io/domain/serverraffle.com/
- LLM endpoint: https://phishdestroy.io/domain/serverraffle.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/serverraffle.com/
Last updated: 2026-03-19