# mercury-airdrop.com — MALICIOUS

> Mercury-airdrop.com may be a crypto drainer posing medium risk. Verify before interacting and avoid sharing sensitive info on this domain.

## Summary
PhishDestroy identifies mercury-airdrop.com as an active crypto drainer domain, posing a medium risk to users. The domain masquerades as a Web3 collaboration tool with an enticing $35,000 airdrop offer to lure victims into divulging sensitive crypto credentials or assets. Classified under crypto-related fraud schemes, it aims to compromise users' digital wallets through deceptive incentives.

Technical analysis reveals mercury-airdrop.com was registered recently on February 21, 2026, and resolves to IP address 172.67.161.161. The domain is detected by 7 out of 95 security vendors on VirusTotal and is listed on one security blocklist. It also appears in one AlienVault OTX threat intelligence pulse, indicating ongoing malicious activity. The page title references AI-based Web3 collaboration, a common lure in crypto scams.

Currently, mercury-airdrop.com remains active and continues to pose a threat. Users are strongly advised to refrain from engaging with the site or providing personal or financial information. PhishDestroy recommends utilizing security tools and blocklists to prevent access and reporting suspicious crypto airdrop offers. Vigilance and verification remain key defenses against evolving crypto drainer threats like this domain.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Page title: Mercury - AI-Based Web3 Collaboration Tool | $35,000 Airdrop

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 172.67.161.161
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["alphaMountain.ai", "CRDF", "CyRadar", "Ermes", "ESET", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ba085-53cd-716b-a2c8-784571f36d14.png
- PhishDestroy: https://phishdestroy.io/domain/mercury-airdrop.com/
- LLM endpoint: https://phishdestroy.io/domain/mercury-airdrop.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mercury-airdrop.com/
Last updated: 2026-03-19