# threshold.airdropsalert.bar — MALICIOUS

> threshold.airdropsalert.bar is linked to crypto drainer scams. Avoid interacting with it and report suspicious activity immediately.

## Summary
PhishDestroy identifies threshold.airdropsalert.bar as a high-risk crypto drainer domain designed to steal cryptocurrency assets. Users should exercise extreme caution when encountering this site.

The domain was created recently on February 21, 2026, and resolves to IP 188.114.96.3. It is actively flagged by 16 out of 95 VirusTotal vendors and appears on two security blocklists, confirming its malicious intent.

Currently active, threshold.airdropsalert.bar continues to pose a threat. Users are strongly advised to avoid visiting the site and employ updated security solutions to block related activities.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Scam type: Airdrop Scam

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b4075-cd7c-7266-b995-896d485abef9.png
- PhishDestroy: https://phishdestroy.io/domain/threshold.airdropsalert.bar/
- LLM endpoint: https://phishdestroy.io/domain/threshold.airdropsalert.bar/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/threshold.airdropsalert.bar/
Last updated: 2026-03-19