# airdrop-hyperliquid.claims — SUSPICIOUS

> Stay cautious of airdrop-hyperliquid.claims, a medium-risk crypto drainer domain now offline. Avoid interaction and report suspicious crypto sites.

## Summary
PhishDestroy has identified airdrop-hyperliquid.claims as a crypto drainer domain designed to deceive users with fake cryptocurrency airdrop claims. Classified as a medium-risk threat, this domain aimed to illicitly extract crypto assets from victims by impersonating legitimate airdrop opportunities.

Technical analysis reveals the domain was registered on February 21, 2026, and resolved to the IP address 188.114.97.3. It appeared on four security blocklists, and VirusTotal flagged it by four out of 95 security vendors. The page title "Just a moment..." suggests attempts to mimic legitimate loading screens to avoid immediate suspicion.

Currently, the domain is offline, likely removed or taken down following detection. PhishDestroy recommends users remain vigilant against similar crypto-related scams and avoid engaging with suspicious claims promising free tokens or airdrops.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Scam type: Airdrop Scam
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["hugh.ns.cloudflare.com", "alice.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft", "Seclookup", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "Polkadot", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c678a-54cb-709d-9eab-2d2d9bebbd88.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f52862aa-5a3b-4944-ba05-dbb034950889
- PhishDestroy: https://phishdestroy.io/domain/airdrop-hyperliquid.claims/
- LLM endpoint: https://phishdestroy.io/domain/airdrop-hyperliquid.claims/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/airdrop-hyperliquid.claims/
Last updated: 2026-03-19