# ripplebcl.com — SUSPICIOUS > PhishDestroy flags ripplebcl.com as a Ripple impersonation phishing site with 0/95 VirusTotal detections. Do not enter credentials. ## Summary PhishDestroy identifies ripplebcl.com as an active generic phishing domain impersonating Ripple cryptocurrency services. The domain leverages a fake login page designed to harvest Ripple wallet credentials or seed phrases, likely integrating a crypto drainer kit to siphon funds upon authentication. The threat actor registered the domain through Global Domain Group LLC and provisioned a Let's Encrypt SSL certificate to enhance credibility. The domain resolves to IP 172.67.142.142 and was created on April 05, 2026, indicating a recently deployed infrastructure aimed at exploiting user trust in brand recognition. This domain exhibits minimal detection coverage, with 0/95 engines on VirusTotal currently flagging the page. The registrar Global Domain Group LLC is known for bulk domain registration, often associated with disposable or malicious infrastructure. The domain's creation date and hosting on Cloudflare IP 172.67.142.142 suggest a short-lived campaign designed to evade blocklists. As of now, the domain is not flagged in Google Safe Browsing (GSB) and has not been added to major threat intelligence feeds, leaving users vulnerable to exposure. The domain remains active and under investigation, with no immediate takedown action observed. PhishDestroy advises users to avoid interacting with ripplebcl.com and verify all Ripple-related domains via official channels. The remaining risk is classified as high due to the absence of detection signatures and the domain's recent creation, which aligns with typical phishing campaign timelines. Users should report this domain to PhishDestroy for further analysis and community protection. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Page title: Just a moment... ## Domain Intelligence - Registered: 2026-04-05 12:04:50 - Registrar: Global Domain Group LLC - IP: 172.67.142.142 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/ripplebcl.com - PhishDestroy: https://phishdestroy.io/domain/ripplebcl.com/ - LLM endpoint: https://phishdestroy.io/domain/ripplebcl.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ripplebcl.com/ Last updated: 2026-04-06