# openlayerairdrop.live — SUSPICIOUS

> openlayerairdrop.live was linked to a medium-risk crypto drainer campaign. Stay alert and avoid interactions with this malicious domain.

## Summary
PhishDestroy identifies openlayerairdrop.live as a medium-risk crypto drainer domain targeting cryptocurrency holders. The domain was created in February 2026 and used to lure victims through deceptive airdrop offers.
Infrastructure analysis shows the domain was registered through a dead domain registrar and appeared on two security blocklists. Three security vendors flagged it on VirusTotal, raising concerns about its credibility and malicious intent.
Currently, openlayerairdrop.live is taken offline, reducing immediate threat exposure. Users are advised to remain cautious with unsolicited crypto offers and verify domain legitimacy before interacting.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam
- Page title: OpenLayer Airdrop

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 172.67.172.205
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["alphaMountain.ai", "Bfore.Ai PreCrime", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/01994cf5-79c4-74d7-b056-1d94c4776ea4.png
- PhishDestroy: https://phishdestroy.io/domain/openlayerairdrop.live/
- LLM endpoint: https://phishdestroy.io/domain/openlayerairdrop.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/openlayerairdrop.live/
Last updated: 2026-03-19