# airdropnansen.live — MALICIOUS

> Discover the risks behind airdropnansen.live, a crypto drainer domain now offline. Learn how it operated and what to do if exposed.

## Summary
PhishDestroy identifies airdropnansen.live as a medium-risk crypto-draining domain designed to steal digital assets. Though now offline, it posed significant financial threats to users.

This phishing site mimicked legitimate crypto airdrop offers to trick victims into revealing private keys or seed phrases, enabling attackers to drain wallets. It exploited user trust through fake incentives related to cryptocurrency.

If you visited airdropnansen.live, immediately check your crypto accounts for unauthorized activity and consider transferring assets to new wallets. Avoid clicking suspicious links and use trusted security tools to scan your devices.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Page title: Nansen Airdrop - Claim Your Tokens

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 172.67.207.48
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "Forcepoint ThreatSeeker", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a0b4d-0500-7525-a482-7cf28098e695.png
- PhishDestroy: https://phishdestroy.io/domain/airdropnansen.live/
- LLM endpoint: https://phishdestroy.io/domain/airdropnansen.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdropnansen.live/
Last updated: 2026-03-19