# airdrop-orbiter.pages.dev — SUSPICIOUS

> PhishDestroy flags airdrop-orbiter.pages.dev as a crypto drainer impersonating Airdrop Scam. 1/95 VirusTotal detections. Verify before interacting.

## Summary
PhishDestroy identifies airdrop-orbiter.pages.dev as a live crypto drainer campaign masquerading as a legitimate Airdrop Scam promotion. This fraudulent domain is engineered to deceive users into connecting crypto wallets under the false pretense of receiving token airdrops or rewards. Victims who follow the embedded links or input wallet credentials risk unauthorized asset transfers via sophisticated drainer scripts that execute unauthorized transactions directly from connected wallets. MetaMask, SEAL, and ScamSniffer have already blocked access to this domain, confirming its malicious intent and operational status.  This domain was flagged by PhishDestroy with elevated risk status based on multiple independent security validations. VirusTotal analysis shows 1 out of 95 participating security vendors detecting the threat, while the domain appears on 3 public blocklists curated by cybersecurity researchers. The site is hosted behind Cloudflare infrastructure and resolves to IP address 172.66.47.10. The domain utilizes a Google Trust Services SSL certificate to enhance credibility and bypass browser warnings. Despite these superficial trust signals, the domain is engaged in brand impersonation and is actively distributing malicious wallet drainer payloads.  Users who have visited airdrop-orbiter.pages.dev or interacted with embedded prompts should immediately disconnect any connected wallets and revoke any permissions granted through wallet interfaces. Scan all connected devices with updated antivirus software and consider transferring remaining assets to a newly generated wallet with no prior transaction history. If assets have already been stolen, file incident reports with local law enforcement and submit blockchain transaction details to relevant platforms such as Chainalysis or CipherTrace for recovery assistance. Always verify promotional links and airdrop campaigns through official brand channels before taking any action involving digital assets.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Airdrop Scam

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.10

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["MetaMask", "SEAL", "ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/586fcca2-82bd-43a3-b363-c345d8987597
- PhishDestroy: https://phishdestroy.io/domain/airdrop-orbiter.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/airdrop-orbiter.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop-orbiter.pages.dev/
Last updated: 2026-03-28