# claim.moonbirbsol.xyz — SUSPICIOUS

> claim.moonbirbsol.xyz is an active medium-risk crypto drainer domain. Learn how to protect your assets from this emerging threat.

## Summary
PhishDestroy identifies claim.moonbirbsol.xyz as a medium-risk crypto drainer domain actively targeting cryptocurrency holders. This domain is designed to steal digital assets by tricking users into revealing private keys or wallet credentials, resulting in unauthorized crypto transfers.

The domain was registered on March 2, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com and resolves to the IP address 104.21.8.107. VirusTotal analysis shows 3 out of 95 security vendors flagging this domain, indicating some detection but also room for increased vigilance. The domain's relatively recent creation and use of a generic registrar are consistent with tactics often used in crypto fraud campaigns.

Currently active, claim.moonbirbsol.xyz poses a tangible threat to crypto users. It is recommended that individuals avoid interacting with this domain and ensure their wallets use hardware security and multi-factor authentication wherever possible. Security teams should monitor traffic for connections to this domain and consider blocking access to prevent potential crypto drain attacks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: Birb TGE

## Domain Intelligence
- Registered: 2026-03-05 15:07:02
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 104.21.8.107
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: amos.ns.cloudflare.com maya.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["ChainPatrol", "Seclookup", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/d4KjsnQ7/523103657e61.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/claim.moonbirbsol.xyz
- PhishDestroy: https://phishdestroy.io/domain/claim.moonbirbsol.xyz/
- LLM endpoint: https://phishdestroy.io/domain/claim.moonbirbsol.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claim.moonbirbsol.xyz/
Last updated: 2026-03-19