# flare.claims — SUSPICIOUS

> flare.claims is a crypto-drainer site detected by PhishDestroy—it poses as a legitimate token claim portal.

## Summary
PhishDestroy identifies flare.claims as an active crypto-draining scam that masquerades as a token-claim portal, tricking users into connecting wallets and signing malicious transactions that silently transfer digital assets to attacker-controlled addresses. The site’s domain was registered on March 16, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED and currently resolves to IP 188.114.97.3; despite zero detections on VirusTotal (0/95 engines as of seed 14d290), the absence of blocklist coverage does not guarantee safety—newly spun domains often fly under the radar until victims report losses.  Technical indicators corroborate the threat profile: the domain leverages a Let’s Encrypt SSL certificate to appear legitimate, yet its recent creation date and hosting on a bulletproof-hosted IP suggest transient infrastructure designed to evade takedowns. The registrar (NICENIC) has a history of enabling high-risk registrations, and the 0/95 VirusTotal score at seed 14d290 underscores the need for proactive defenses rather than reactive scanning. Users should treat flare.claims as hostile until proven otherwise.  If you visited flare.claims, immediately revoke any wallet-connected permissions via your wallet’s settings and transfer remaining funds to a fresh address. Monitor transaction logs for outgoing transfers and report suspicious activity to your wallet provider and relevant blockchain explorers. Consider deploying a hardware wallet for future interactions and enabling transaction simulation tools to block drainer calls before they execute.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-16 12:10:37
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e9dc680e-b75b-41f9-aa5e-7edc35d2effa
- PhishDestroy: https://phishdestroy.io/domain/flare.claims/
- LLM endpoint: https://phishdestroy.io/domain/flare.claims/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/flare.claims/
Last updated: 2026-03-23