# airdrop-plume.com — MALICIOUS

> airdrop-plume.com is linked to a high-risk crypto drainer scam. Avoid interactions and secure your wallets now. Stay safe with PhishDestroy.

## Summary
PhishDestroy identifies airdrop-plume.com as a high-risk crypto drainer domain designed to steal cryptocurrency assets from unsuspecting victims. This threat poses significant financial danger by targeting users through fraudulent airdrop schemes aimed at extracting private keys or wallet credentials.

The domain was created recently on February 21, 2026, and has been flagged on 7 security blocklists, with 11 out of 95 VirusTotal vendors marking it as malicious. Its registration status is marked as a dead domain, indicating a suspicious or abandoned infrastructure commonly associated with fraudulent activity. The combination of these factors confirms its role as part of a crypto scam operation.

Currently, airdrop-plume.com has been taken offline, reducing the immediate risk for users. PhishDestroy recommends that users remain vigilant, avoid interacting with links related to this domain, and ensure their crypto wallets are secured using trusted multi-factor authentication and hardware wallets. Continuous monitoring and caution are essential to prevent falling victim to similar crypto drainer threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 104.21.64.1
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 7 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "Polkadot", "SEAL", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/01992fab-7080-70e8-a60d-894a487766ee.png
- PhishDestroy: https://phishdestroy.io/domain/airdrop-plume.com/
- LLM endpoint: https://phishdestroy.io/domain/airdrop-plume.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop-plume.com/
Last updated: 2026-03-19