# xpm3.top — SUSPICIOUS

> xpm3.top is linked to a $USDC token airdrop phishing scam. Avoid this domain and protect your data. Learn more on PhishDestroy.

## Summary
PhishDestroy identifies xpm3.top as a medium-risk phishing domain that was used to lure victims with a fake $USDC token airdrop offer. Such scams aim to trick users into divulging sensitive financial information or crypto wallet credentials, potentially leading to financial loss.

This phishing site operated by impersonating legitimate cryptocurrency giveaways, enticing users to participate in a fraudulent airdrop. Visitors were likely asked to connect wallets or enter private keys, which attackers could exploit. Although the domain has been taken offline and appears on multiple security blocklists, it had resolved to an IP address flagged by some security vendors.

If you visited xpm3.top, immediately avoid entering any personal or wallet details. Run a thorough malware and antivirus scan on your devices, and monitor your crypto accounts for suspicious activity. Consider changing passwords and enabling two-factor authentication on your wallets and related services to enhance security.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: $USDC Token Airdrop

## Domain Intelligence
- Registered: 2026-03-03 21:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.54.118
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: cleo.ns.cloudflare.com magali.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["alphaMountain.ai", "Fortinet", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/353TZrtB/597905e57ca5.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/0563ff5c-11ed-4a61-88a2-a8950abd3cb8
- PhishDestroy: https://phishdestroy.io/domain/xpm3.top/
- LLM endpoint: https://phishdestroy.io/domain/xpm3.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xpm3.top/
Last updated: 2026-03-19