# airdropempire.com — SUSPICIOUS

> AirdropEmpire.com was identified as a low-risk crypto drainer domain. It is currently offline but caution is advised for past visitors.

## Summary
PhishDestroy identifies airdropempire.com as associated with crypto drainer threats, designed to illicitly access cryptocurrency wallets. The domain’s risk level is assessed as low, indicating limited active harm or reach. Despite this, users should remain vigilant as such sites often aim to trick victims into compromising their digital assets.

The domain airdropempire.com resolves to IP address 198.23.141.202 and was registered recently through Atak Domain on January 19, 2025. VirusTotal flagged it by 2 out of 95 security vendors, and it appears on one security blocklist, suggesting minimal but noteworthy detection by security services. The site’s page title was identified as "Airdrop Empire," a name commonly used in crypto scam contexts to lure users.

Currently, the domain is offline, significantly reducing immediate threat exposure. Users who previously interacted with the site should review their wallet security and avoid any further engagement. It is recommended to maintain updated security software and be cautious of unsolicited crypto airdrop offers to prevent potential future compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Scam type: Airdrop Scam
- Page title: Airdrop Empire

## Domain Intelligence
- Registered: 2025-01-19 15:52:43
- Expires: 2026-01-19 15:52:43
- Registrar: Atak Domain
- Country: TR
- IP: 198.23.141.202
- IP Country: US
- IP City: Buffalo
- IP Org: AS36352 HostPapa
- Nameservers: ns1.hosting.markets ns1.sagaciousdns.com ns2.hosting.markets ns2.sagaciousdns.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019976ac-04d0-73ba-9a01-7b0bf5ac147a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8e78ca18-32d5-443c-b430-43ef5ee6e2ed
- PhishDestroy: https://phishdestroy.io/domain/airdropempire.com/
- LLM endpoint: https://phishdestroy.io/domain/airdropempire.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdropempire.com/
Last updated: 2026-03-19