# yellowclaim.com — SUSPICIOUS

> yellowclaim.com is a crypto drainer scam under investigation posing as a claims platform. Resolves to IP 188.114.97.3 with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies yellowclaim.com as an active crypto drainer domain under investigation, posing a direct risk to cryptocurrency users seeking to claim assets or rewards. This domain is specifically engineered to deceive victims into connecting their wallets and authorizing malicious smart contract transactions that silently drain crypto funds. Due to its active status and emergent threat profile, users are strongly advised to treat this domain as hostile and avoid any interaction until a full investigation concludes. The operational window remains open, and the threat is escalating within underground crypto communities.

This domain was flagged with several concerning technical indicators. It resolves to IP 188.114.97.3 and is protected by a Let’s Encrypt SSL certificate. Registered on March 15, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED, it currently shows 0 detections out of 95 on VirusTotal and remains unlisted on major threat blocklists. The seed identifier 7ca74f confirms this as a tracked sample within our monitoring system. Despite its clean detection score, the domain’s recent creation date, hosting infrastructure, and association with crypto drainer campaigns suggest high-risk behavior that warrants immediate caution.

To mitigate exposure to this crypto drainer threat, users should immediately block yellowclaim.com at the network and DNS levels using updated blocklists such as PhishDestroy’s threat feed. Never connect your wallet or enter private keys on this domain. Always verify URLs through official channels and use hardware wallets or transaction simulation tools before approving transfers. Report any suspicious interactions to relevant authorities and crypto platforms. Monitor wallet activity for unauthorized transactions and revoke any suspicious smart contract approvals using tools like revoke.cash. Stay vigilant—crypto drainers exploit urgency and misinformation to bypass detection systems like VirusTotal in early stages.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-15 17:14:52
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/17a134d0-1430-4aaf-b621-89c275fa867f
- PhishDestroy: https://phishdestroy.io/domain/yellowclaim.com/
- LLM endpoint: https://phishdestroy.io/domain/yellowclaim.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/yellowclaim.com/
Last updated: 2026-03-23