# nesa-airdrop.pages.dev — SUSPICIOUS > nesa-airdrop.pages.dev impersonates an airdrop scam. VirusTotal clean but risk remains. Verify on PhishDestroy for latest safety info. ## Summary The domain nesa-airdrop.pages.dev has been identified as engaging in brand impersonation tactics, specifically targeting victims through an airdrop scam. There is no current evidence of a crypto drainer kit associated with this domain, but it mimics typical airdrop scam schemes designed to deceive users into compromising their assets or credentials. From a technical perspective, nesa-airdrop.pages.dev resolves to the IP address 172.66.44.235 and uses an SSL certificate issued by Google Trust Services, which may lend it an appearance of legitimacy. The domain is registered via Cloudflare, Inc., a common registrar for many legitimate and malicious sites alike. VirusTotal analysis shows a clean sheet with 0 out of 95 engines flagging the domain, which indicates that it has not yet been widely detected as malicious by automated systems. Additional data such as creation date and Google Safe Browsing status were not provided, but the domain currently appears active and unlisted on major blocklists. Currently, nesa-airdrop.pages.dev remains active and under investigation with its risk level noted as under_investigation. Due to the lack of detections on VirusTotal so far, the domain could evade some conventional defenses and potentially target unsuspecting users. Analysts recommend heightened vigilance when interacting with domains mimicking airdrop services and advise users to verify any suspicious URL on trusted resources like PhishDestroy before engagement. Monitoring for emerging indicators and timely user education are essential steps to mitigate potential impact from this ongoing threat. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Airdrop Scam ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.235 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/nesa-airdrop.pages.dev - PhishDestroy: https://phishdestroy.io/domain/nesa-airdrop.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/nesa-airdrop.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/nesa-airdrop.pages.dev/ Last updated: 2026-04-08