# rexassupport.pages.dev — SUSPICIOUS

> rexassupport.pages.dev is a crypto drainer impersonating REXAS. Flagged by 0 of 95 VirusTotal vendors—verify on PhishDestroy before clicking.

## Summary
rexassupport.pages.dev is currently under investigation as an active crypto drainer scam impersonating the REXAS brand. The domain leverages Cloudflare Pages to host malicious content designed to drain cryptocurrency wallets under the guise of providing customer support.


PhishDestroy identifies this domain as a high-risk crypto drainer with verified threat signals. The domain resolves to IP 172.66.47.156 and is registered through Cloudflare, Inc. The malicious page has not been flagged by any of the 95 VirusTotal vendors, possesses a valid SSL certificate issued by Google Trust Services, and appears on 2 security blocklists. Notably, the domain is already blocked by SEAL and MetaMask, underscoring its malicious nature despite low detection rates among scanning tools.


This domain remains active and poses an ongoing threat to cryptocurrency users seeking support for REXAS products. Users are strongly advised to avoid interacting with rexassupport.pages.dev entirely. For accurate verification, utilize PhishDestroy’s real-time scam detection tool before engaging with any unknown domains, especially those claiming to offer crypto wallet or exchange support. Exercise extreme caution with any unsolicited links or support pages claiming affiliation with REXAS.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.156

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["SEAL", "MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f227ee21-944c-40bf-a95c-9e3f26e4e194
- PhishDestroy: https://phishdestroy.io/domain/rexassupport.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/rexassupport.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rexassupport.pages.dev/
Last updated: 2026-03-22