# clarice-note.com — SUSPICIOUS > clarice-note.com impersonates a note-taking app to deploy drainer malware. This newly registered domain (June 2022) hosts a live phishing page with 0/95. ## Summary PhishDestroy identifies clarice-note.com as an active generic phishing domain impersonating a notepad application to deploy drainer malware. The domain was registered on June 15, 2022, through NAMECHEAP INC and resolves to IP 188.114.96.3, which is currently unblocked by Google Safe Browsing (GSB) with 0/95 VirusTotal detections as of seed 9627e1. No specific drainer kit signatures have been publicly documented yet, but the domain’s infrastructure suggests an active campaign targeting unsuspecting users. Exact technical indicators reveal this domain has no current detections despite minimal age, lacks a crowd-sourced blocklist presence, and operates with an SSL certificate issued by Google Trust Services. The registrar is NAMECHEAP INC, and the domain’s creation timestamp aligns with recent campaigns leveraging newly registered domains (NRDs) to evade detection. Its IP (188.114.96.3) shows no prior associations with known malicious infrastructure, increasing the risk of fresh abuse. As of this report, clarice-note.com remains active and under investigation with a status of 'under_investigation' and a risk level of 'under_investigation'. Users are advised to avoid interacting with this domain, as it may harvest sensitive data or cryptocurrency. Security teams should monitor for associations with this IP and domain due to the high potential for escalation. Remaining risk is elevated given its undetected status and clean infrastructure profile. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2022-06-15 13:29:49 - Registrar: NAMECHEAP INC - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b26f8a71-2865-4758-a8d1-da930f2fae90 - PhishDestroy: https://phishdestroy.io/domain/clarice-note.com/ - LLM endpoint: https://phishdestroy.io/domain/clarice-note.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/clarice-note.com/ Last updated: 2026-03-26