# aganwa2.com — SUSPICIOUS

> PhishDestroy warns that aganwa2.com hosts a crypto drainer impersonating a major brand. Site registered March 31 2026; verify before you click.

## Summary
PhishDestroy identifies the domain aganwa2.com as a recently activated crypto-drainer campaign, currently under forensic review for active credential theft and wallet draining activities. The site does not masquerade under a specific brand name in its present state, but its payloads align with generic drainer kits delivered via fake login overlays and clipboard manipulation scripts. Technical indicators place the domain’s creation on March 31 2026, only days before its first observed malicious payload delivery.  

PhishDestroy’s deep scan reveals zero detections on VirusTotal (0/95 engines), confirming the domain remains unlisted on mainstream blocklists despite its active infrastructure. Hosting is routed through AS48635 (Hosting Concepts B.V. / Registrar.eu) on IP 103.187.146.70, which is additionally secured by a Let’s Encrypt TLS certificate issued for hostname validation. The domain is not flagged by Google Safe Browsing and remains absent from public phishing feeds, giving it a low overt detection footprint while the campaign continues to harvest cryptocurrency deposits.  

As of the latest intelligence cycle, aganwa2.com remains classified under investigation with an active threat status, indicating ongoing payload delivery and wallet draining attempts. PhishDestroy analysts have flagged this domain for immediate blacklist submission and are collaborating with hosting providers to revoke infrastructure access. Users are strongly advised to avoid interacting with the site and to verify any suspicious links against PhishDestroy’s real-time blocklist. Although the immediate risk is elevated given the fresh registration and zero current detections, the absence of proactive blocklisting underscores the need for continuous monitoring and community reporting to prevent wallet losses.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-31 13:04:48
- Registrar: Hosting Concepts B.V. d/b/a Registrar.eu
- IP: 103.187.146.70

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/aganwa2.com
- PhishDestroy: https://phishdestroy.io/domain/aganwa2.com/
- LLM endpoint: https://phishdestroy.io/domain/aganwa2.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/aganwa2.com/
Last updated: 2026-04-05