# megaeth.claims — SUSPICIOUS

> megaeth.claims is a crypto-drainer site with 0/95 VirusTotal detections, created Jan 28 2026. Avoid wallet connections; block 104.21.85.39 traffic now.

## Summary
PhishDestroy identifies megaeth.claims as an active crypto-drainer domain currently under investigation. This site is designed to trick visitors into connecting cryptocurrency wallets and silently draining funds under the guise of token claims or airdrops. The page resolves to the IP address 104.21.85.39 and was registered on January 28, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED, using a Google Trust Services SSL certificate.  This domain has not been detected by any of the 95 VirusTotal scanners, indicating it is actively evading detection at the time of analysis. Its recent creation date and low blocklist coverage suggest it is a newly deployed threat actor asset. Independent security services such as MetaMask and SEAL have already implemented active blocking against this domain, confirming malicious intent.  If you visited megaeth.claims, disconnect your wallet immediately and revoke any unauthorized permissions via your wallet’s settings or tools like revoke.cash. Do not interact further with the site or any linked transactions. Report the domain to your browser, wallet provider, and threat intelligence platforms. Consider rotating wallet keys if you authorized a connection, as crypto-drainers can execute transfers without additional prompts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-28 14:05:56
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.85.39

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/23075402-19db-44d4-acf0-5ee03aa5e18c
- PhishDestroy: https://phishdestroy.io/domain/megaeth.claims/
- LLM endpoint: https://phishdestroy.io/domain/megaeth.claims/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/megaeth.claims/
Last updated: 2026-03-30