IOC Radar
DomainMediumSignal 50/100

claudeshop.app

Location
GermanyGermany
First Seen
Apr 21, 2026
Last Seen
Apr 29, 2026
Apr 21
First Seen
54d ago
Apr 29
Last Seen
46d ago
4
Reports
source reports
50%
Confidence
medium
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
50%
Signal Score
50 / 100
IDS Rule
No
Threat Context
Tags

Feed Intelligence Summary

4 reports50% confidence
4
Source reports
50%
Confidence score
Category tags
blocklistcryptocryptocurrencydrainereuropefraudgermanyindicatornetworkphishingresearchedscamscams & fraud

Activity Timeline

1 total obs
Apr 29Apr 29

Threat Activity Heatmap

· Peak: 2026-04-29
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), `claudeshop.app`, represents a significant and active threat that demands immediate attention. With a threat score of approximately 49.58, this domain is strongly associated with phishing and crypto scam campaigns, as evidenced by its inclusion in "PhishDestroy — Active Phishing & Crypto Scam Domains" intelligence feeds. The potential impact of this IOC on an organization is severe, encompassing financial loss through fraudulent schemes, compromise of sensitiv…

Threat ScoreMedium Risk
50
SIGNAL
Signal Score
50%
Confidence
4
Reports
First seenApr 21, 2026
Last seenApr 29, 2026

VirusTotal

Not checked

WHOIS

description
Real-time feed of phishing, crypto drainer, and scam domains detected by PhishDestroy (phishdestroy.io). Updated hourly. 108K+ domains tracked, 55K+ currently active. Source: github.com/phishdestroy/destroylist
domain rank
-1
raw
Create date: 2026-04-14 00:00:00 Domain name: claudeshop.app Domain registrar id: 3765.0 Domain registrar url: https://rdap.nicenic.net Expiry date: 2027-04-14 00:00:00 Name server 1: nolan.ns.cloudflare.com Name server 2: val.ns.cloudflare.com Query time: 2026-04-14 05:16:47 Update date: 2026-04-14 00:00:00
subdomains count
0

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 4 threat reports