# getairdrop.website — MALICIOUS

> getairdrop.website was a high-risk crypto drainer domain flagged on multiple blocklists. Learn how it operated and how to stay safe.

## Summary
PhishDestroy identifies getairdrop.website as a high-risk crypto drainer domain designed to steal cryptocurrency assets from unsuspecting users. Crypto drainer scams pose severe financial threats by tricking victims into revealing private keys or authorizing malicious transactions, making vigilance critical.

The domain getairdrop.website was registered on February 21, 2026, and has since been taken offline. It appeared on four major security blocklists and was flagged by 11 out of 95 security vendors on VirusTotal. The domain was registered through a now-dead registrar, indicating potentially illicit or abandoned infrastructure. Its removal from active status reduces immediate risk but does not eliminate potential residual threats from related campaigns.

Users are advised to avoid interacting with suspicious airdrop offers, especially those hosted on untrusted domains like getairdrop.website. Never share private keys or approve transactions from unverified sources. Maintaining updated security software and monitoring wallet activity can mitigate exposure to similar crypto drainer threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Page title: Bitcoin & Cryptocurrency Exchange - Buy & Sell Crypto - CEX.IO

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 104.20.25.69
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "Polkadot", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a302a-5b23-73b3-9ba9-08b3ed2faae4.png
- PhishDestroy: https://phishdestroy.io/domain/getairdrop.website/
- LLM endpoint: https://phishdestroy.io/domain/getairdrop.website/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/getairdrop.website/
Last updated: 2026-03-19