# claimshape.network — SUSPICIOUS > claimshape.network linked to crypto drainer kit with 0/95 VirusTotal detections. Verify full forensic report for safety guidance. ## Summary PhishDestroy identifies claimshape.network as an active crypto drainer domain currently under investigation for malicious behavior. The site leverages a drainer kit designed to siphon cryptocurrency assets from unsuspecting victims, likely deployed through phishing campaigns targeting crypto users. No specific brand impersonation has been confirmed at this stage, but the infrastructure suggests a high-risk operation aimed at unauthorized fund extraction. Technical indicators confirm this domain was registered via Cloudflare, Inc., resolving to IP 172.67.220.32 with a Let's Encrypt SSL certificate. The domain was created on March 20, 2026, and currently shows 0/95 detections on VirusTotal with no Google Safe Browsing (GSB) or blocklist entries recorded to date. These metrics indicate a newly active threat with minimal exposure in security vendor databases, posing elevated risk to early visitors or campaign targets. Current status remains active with an under_investigation classification. Immediate response actions include ongoing monitoring for blocklist inclusion and signature updates. Remaining risk is assessed as high due to the drainer kit’s presence, zero detections, and fresh registration—users interacting with this domain may face irreversible asset loss. Users are advised to avoid this domain entirely and report any related phishing links to security teams. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-20 22:00:29 - Registrar: Cloudflare, Inc - IP: 172.67.220.32 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/03ffaf66-0ff7-447e-a9df-6670402a445a - PhishDestroy: https://phishdestroy.io/domain/claimshape.network/ - LLM endpoint: https://phishdestroy.io/domain/claimshape.network/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/claimshape.network/ Last updated: 2026-03-25