# asterairdrop.online — SUSPICIOUS

> AsterAirdrop.online, linked to crypto draining, is offline after being flagged on multiple blocklists. Learn more about its threat profile and status.

## Summary
PhishDestroy identifies asterairdrop.online as a medium-risk crypto drainer domain aimed at illicitly extracting cryptocurrency assets from victims. The domain was registered recently and exhibited suspicious behavior typical of fraudulent airdrop campaigns. It was designed to lure users under the guise of free cryptocurrency claims, ultimately compromising digital wallets or credentials.

The domain was registered through IONOS SE and resolved to IP address 198.18.1.36. Despite being flagged by 3 security vendors on VirusTotal and appearing on 3 notable security blocklists, the site currently displays only a default domain page. The technical indicators, including its rapid registration and hosting infrastructure, are consistent with transient phishing or crypto scam operations intended to evade long-term detection.

At present, asterairdrop.online has been taken offline, mitigating immediate risk to users. Users and organizations are advised to remain vigilant against similar crypto-related scams and ensure robust endpoint security. Blocking this domain at network perimeters and educating users on the dangers of unsolicited crypto airdrops remain key preventive measures.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Scam type: Airdrop Scam
- Page title: Domain Default page

## Domain Intelligence
- Registered: 2025-11-03 23:11:14
- Expires: 2026-11-03 23:59:59
- Registrar: IONOS SE
- Country: DE
- IP: 172.67.203.168
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: jake.ns.cloudflare.com ulla.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["ADMINUSLabs", "Fortinet", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a53f4-4597-720e-bdc3-221834ed6098.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/aacfbca0-8664-41e0-8a42-468a668d14c0
- PhishDestroy: https://phishdestroy.io/domain/asterairdrop.online/
- LLM endpoint: https://phishdestroy.io/domain/asterairdrop.online/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/asterairdrop.online/
Last updated: 2026-03-19