# swap.taher13.com — SUSPICIOUS > swap.taher13.com hosts a crypto drainer active since Dec 2024. Flagged by 0/95 VirusTotal vendors. Avoid this crypto scam now. ## Summary PhishDestroy identifies swap.taher13.com as a live crypto drainer site currently under investigation. The domain is classified under the generic phishing threat type with a current risk level marked as active. No specific brand impersonation has been confirmed at this stage, but the site’s behavioral indicators strongly suggest automated cryptocurrency fund extraction via deceptive wallet connection prompts. This domain was flagged by 0 out of 95 VirusTotal vendors as of the latest scan, indicating a low immediate detection rate despite its suspicious behavior. It resolves to IP address 92.113.23.129, which is registered through HOSTINGER operations, UAB. The domain was created on December 01, 2024, and currently holds a valid SSL certificate issued by Let’s Encrypt. No known blocklist entries or negative trust scores were detected in the provided intelligence, though the lack of vendor detection highlights the evolving nature of such threats. The infrastructure lacks reputation, and the recent creation date combined with the cryptocurrency-related function raises immediate alarm. Given the active status, crypto drainer behavior, and absence of vendor detection, PhishDestroy advises users to avoid interacting with swap.taher13.com entirely. Do not connect wallets, enter private keys, or transact on this domain. Users who have already visited should check wallet activity for unauthorized transactions and revoke any connected permissions via their wallet’s security settings. Monitor device logs for unusual outbound connections to 92.113.23.129. Report this domain to your antivirus vendor and consider updating browser security extensions to block known crypto drainer domains. Exercise heightened caution with any recently registered swap or trading-related domains, especially those using free hosting services. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2024-12-01 17:41:16 - Registrar: HOSTINGER operations, UAB - IP: 92.113.23.129 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4278c141-6642-4648-a454-1a216c563bdb - PhishDestroy: https://phishdestroy.io/domain/swap.taher13.com/ - LLM endpoint: https://phishdestroy.io/domain/swap.taher13.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/swap.taher13.com/ Last updated: 2026-03-22