# xaexinityint.com — SUSPICIOUS > xaexinityint.com hosts a crypto drainer impersonating a legitimate service. This domain was flagged by 1/95 security vendors and resolves to IP 203.91.77.9. ## Summary PhishDestroy identifies xaexinityint.com as an active crypto drainer phishing domain targeting cryptocurrency users. The domain mimics a trusted platform, likely exploiting brand recognition to deceive victims into connecting wallets or entering credentials. No specific drainer kit has been publicly disclosed, but the domain’s infrastructure suggests a high-risk operation designed for fund misappropriation or credential theft. This domain was registered through Hello Internet Corp on March 13, 2026, and resolves to IP address 203.91.77.9. VirusTotal reports a detection ratio of 1/95 security vendors, indicating low but notable suspicion. The domain utilizes an SSL certificate issued by sslTrus, a tactic commonly employed to appear legitimate. Additionally, the domain remains unblocked by Google Safe Browsing (GSB) and has not been flagged on major blocklists, increasing its potential reach. The campaign is currently active, with no known takedown actions as of this report. Users are advised to avoid interacting with xaexinityint.com and verify its status via PhishDestroy’s threat intelligence tools. The elevated risk stems from the domain’s fresh registration, low detection rate, and crypto-focused deception tactics. Remaining risk is high due to the lack of widespread blocking and the domain’s likely intent to defraud cryptocurrency holders. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-13 08:28:49 - Registrar: Hello Internet Corp - IP: 203.91.77.9 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/bd175786-aecb-4ab1-acb7-bb9a2814a220 - PhishDestroy: https://phishdestroy.io/domain/xaexinityint.com/ - LLM endpoint: https://phishdestroy.io/domain/xaexinityint.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/xaexinityint.com/ Last updated: 2026-03-23