# ton.airdrpalerts.cfd — MALICIOUS

> ton.airdrpalerts.cfd was identified as a high-risk phishing domain and is now offline. Learn more about its infrastructure and how to stay safe.

## Summary
PhishDestroy identifies ton.airdrpalerts.cfd as a high-risk generic phishing domain used to deceive users into divulging sensitive information. This domain was flagged due to its involvement in fraudulent activities targeting unsuspecting victims.

The domain was created recently and registered through Dynadot LLC. It resolved to IP address 188.114.97.3 and appeared on multiple security blocklists. VirusTotal analysis showed significant detection among security vendors, confirming its malicious intent. The domain has since been taken offline to prevent further harm.

Users are advised to remain cautious of unsolicited messages or links referring to this domain or similar variants. Avoid clicking on suspicious URLs, verify sources before sharing personal data, and keep security software updated to reduce phishing risks.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Google

## Domain Intelligence
- Registered: 2025-10-25 01:37:41
- Expires: 2026-10-25 23:59:59
- Registrar: Dynadot LLC
- Country: US
- IP: 172.217.18.4
- IP Org: Cloudflare CDN
- Nameservers: brenna.ns.cloudflare.com hassan.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Fortinet", "G-Data", "Lionic", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a2a6f-fc80-765e-a0a8-7bf2d0e48f50.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/bab4e37b-bf0d-48eb-b5e0-f65e4bb7c5dd
- PhishDestroy: https://phishdestroy.io/domain/ton.airdrpalerts.cfd/
- LLM endpoint: https://phishdestroy.io/domain/ton.airdrpalerts.cfd/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ton.airdrpalerts.cfd/
Last updated: 2026-03-19