# onyxqi76.cfd — SUSPICIOUS > Onyxqi76.cfd is a crypto drainer site flagged for phishing. Registered March 31, 2026, it shows 0/95 VirusTotal detections. ## Summary PhishDestroy identifies Onyxqi76.cfd as an active crypto drainer domain designed to steal cryptocurrency from unsuspecting users. This fraudulent site poses a significant threat by impersonating legitimate platforms to trick visitors into connecting their digital wallets, where malicious scripts then drain funds without consent. The domain leverages deceptive tactics, including fake login portals and fraudulent transaction confirmations, to exploit cryptocurrency holders. Users who interact with Onyxqi76.cfd risk losing their entire wallet balances to automated theft mechanisms. This domain was flagged through PhishDestroy’s automated threat analysis pipeline, revealing several red flags that confirm its malicious intent. Onyxqi76.cfd was registered on March 31, 2026, through Aceville Pte. Ltd., a registrar often associated with high-risk domains. VirusTotal currently shows 0 detections out of 95 scanning engines, indicating that traditional antivirus tools have not yet blacklisted this threat. The domain resolves to IP address 47.242.31.178, a server linked to multiple fraudulent activities. Additionally, the site holds a Let’s Encrypt SSL certificate, which attackers commonly exploit to appear legitimate and evade browser warnings. These technical indicators collectively suggest a newly deployed, stealthy operation aimed at bypassing initial detection layers. If you have visited Onyxqi76.cfd or suspect interaction with this domain, take immediate action to secure your assets. Disconnect your device from the internet to prevent further unauthorized transactions. Check your cryptocurrency wallets for unauthorized transfers or suspicious approvals. Revoke any wallet connection permissions made on this site using your wallet’s security settings. Report the domain to PhishDestroy using the unique seed ef6a93 to help block future access. Avoid reusing passwords or recovery phrases exposed on this site. Stay vigilant: only interact with platforms you have directly verified through official sources and trusted channels. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-31 14:59:55 - Registrar: Aceville Pte. Ltd. - IP: 47.242.31.178 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7299e710-2442-476e-a00c-c960fff5dbc4 - PhishDestroy: https://phishdestroy.io/domain/onyxqi76.cfd/ - LLM endpoint: https://phishdestroy.io/domain/onyxqi76.cfd/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/onyxqi76.cfd/ Last updated: 2026-03-31