# airdrop.olaxbot.xyz — SUSPICIOUS

> airdrop.olaxbot.xyz posed a medium-risk crypto drainer threat. Avoid interaction and ensure your crypto wallets are secure.

## Summary
PhishDestroy identifies airdrop.olaxbot.xyz as a medium-risk crypto drainer domain aimed at compromising cryptocurrency wallets. The campaign was designed to trick users into revealing private keys or seed phrases, facilitating illicit fund transfers. Users are advised to remain vigilant when interacting with unsolicited airdrop or wallet-related links.

Technical analysis reveals the domain was registered on February 21, 2026, through a now-defunct registration service labeled as a 'Dead domain.' VirusTotal scans flagged the domain by 3 security vendors out of 95, and it appears on one known security blocklist. Despite limited detections, the domain's association with crypto-draining activities underscores the risk.

Currently, the domain is offline and inaccessible, reducing immediate threat potential. PhishDestroy recommends users avoid visiting similar suspicious domains and maintain strong wallet security practices, including using hardware wallets and multi-factor authentication where possible.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Page title: OlaXBT - Web3 MCP Servers & Terminals

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dead domain
- IP: 104.21.16.1
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: Cloudflare TLS Issuing ECC CA 1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["CRDF", "Gridinsoft", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/01987c13-99a7-73d4-9845-9e545cec4d7a.png
- PhishDestroy: https://phishdestroy.io/domain/airdrop.olaxbot.xyz/
- LLM endpoint: https://phishdestroy.io/domain/airdrop.olaxbot.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop.olaxbot.xyz/
Last updated: 2026-03-17