# airdrop.paintswap.world — MALICIOUS

> The domain airdrop.paintswap.world poses a medium crypto drainer risk. Avoid interacting with this domain to protect your digital assets.

## Summary
PhishDestroy identifies airdrop.paintswap.world as a medium-risk crypto drainer domain that targets cryptocurrency users. It aims to steal funds by exploiting trust in seemingly legitimate airdrop offers.

This phishing site tricks users by mimicking popular cryptocurrency platforms, luring victims with promises of free tokens or airdrops. Users are often prompted to enter private keys or connect wallets, allowing attackers to drain their accounts.

If you’ve visited this domain, avoid providing any wallet credentials or personal data. Immediately check your crypto accounts for unauthorized activity and consider migrating assets to a new wallet for enhanced security.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dead domain
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "CyRadar", "Fortinet", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198337e-76d9-765c-b3c1-2d7e3de6ab6c.png
- PhishDestroy: https://phishdestroy.io/domain/airdrop.paintswap.world/
- LLM endpoint: https://phishdestroy.io/domain/airdrop.paintswap.world/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop.paintswap.world/
Last updated: 2026-03-17