# app-airtm-sesion.com — SUSPICIOUS

> app-airtm-sesion.com is a freshly registered phishing site mimicking Airtm login pages. VirusTotal flags 0/95 detections despite hosting malicious content.

## Summary
PhishDestroy identifies app-airtm-sesion.com as a live credential-harvesting domain engineered to impersonate Airtm’s official login interface. This site was registered on March 21, 2026, through Name.com, Inc., and resolves to IP 216.198.79.1. It currently presents a valid Let’s Encrypt SSL certificate to appear legitimate while hosting a spoofed Airtm session portal designed to steal user credentials and session tokens.


The threat level remains under investigation, yet concrete indicators already demand caution. VirusTotal scans show zero detections across 95 engines as of this advisory, underscoring how rapidly emerging phishing domains can evade detection. The domain’s age—just days old—and its use of Name.com as registrar, combined with a clean historical blocklist record, highlight the risk of brand-new typosquatting or session-hijacking campaigns targeting cryptocurrency and remittance users.


If you accessed app-airtm-sesion.com or entered any login or payment details, cease use of those credentials immediately and revoke any active sessions linked to Airtm or associated wallets. Monitor financial accounts for unauthorized transactions and reset passwords using only the official Airtm website. Report the domain to your antivirus provider and to Name.com’s abuse team using the seed b19043 for tracking. Avoid clicking links from unsolicited emails or ads purporting to lead to Airtm services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-21 16:04:46
- Registrar: Name.com, Inc.
- IP: 216.198.79.1

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/app-airtm-sesion.com
- PhishDestroy: https://phishdestroy.io/domain/app-airtm-sesion.com/
- LLM endpoint: https://phishdestroy.io/domain/app-airtm-sesion.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-airtm-sesion.com/
Last updated: 2026-03-23