# app.xtrading.exchange — SUSPICIOUS > PhishDestroy identifies app.xtrading.exchange as a fake trading platform scam with 0/95 VirusTotal detections, stealing credentials via credential harvesting. ## Summary PhishDestroy identifies app.xtrading.exchange as a live credential-harvesting phishing domain masquerading as a legitimate trading platform to steal financial account credentials. This domain resolves to IP 216.150.1.65 and uses a Let’s Encrypt SSL certificate to appear trusted while hosting a spoofed login page that captures usernames and passwords. The low detection rate (0/95 on VirusTotal) suggests it remains under the radar of most scanners, increasing the risk to visitors who may unwittingly submit sensitive data. Investigators found no evidence of blocklist entries at the time of analysis, indicating the domain is newly active and still evading blacklists. This domain was registered recently and has not yet been widely flagged, making it a stealth threat to users who encounter it via email, social media, or search engine results. The combination of a fresh domain, low detection, and a benign SSL certificate creates a deceptive facade that lures victims into entering their financial credentials. If you visited app.xtrading.exchange, cease use immediately and change passwords on all financial accounts. Scan all devices for malware and report the domain to your bank and relevant cybercrime units. Avoid clicking any links or providing data to this site, and warn others who may have encountered it. Block the IP 216.150.1.65 and the domain at your network perimeter to prevent further access. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 216.150.1.65 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2bd90cc4-a83d-465c-90ef-ae0a8fccf3de - PhishDestroy: https://phishdestroy.io/domain/app.xtrading.exchange/ - LLM endpoint: https://phishdestroy.io/domain/app.xtrading.exchange/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/app.xtrading.exchange/ Last updated: 2026-04-01