# xchngbng.pages.dev — SUSPICIOUS > xchngbng.pages.dev is a crypto drainer phishing domain with 0/95 VirusTotal detections. Avoid entering credentials or crypto wallet details. ## Summary PhishDestroy identifies xchngbng.pages.dev as an active crypto drainer phishing domain currently under investigation. This fraudulent site poses a high risk to unsuspecting users by impersonating legitimate cryptocurrency services to siphon digital assets. The domain leverages Cloudflare’s infrastructure and a Google Trust Services SSL certificate to appear legitimate, but its behavior aligns with known crypto drainer tactics. xchngbng.pages.dev resolves to IP address 172.66.44.52 and is registered through Cloudflare, Inc. As of the latest scan, it shows 0 detections out of 95 on VirusTotal, indicating it has not yet been widely blocked or flagged by security engines. The domain was created recently and lacks presence on major blocklists, suggesting a newly launched campaign. Despite its clean VT score, the absence of trust indicators and alignment with crypto drainer patterns—such as deceptive URLs and fraudulent SSL certificates—warrant immediate caution. To mitigate risk, users should avoid interacting with xchngbng.pages.dev entirely. If you suspect exposure, revoke any wallet connections made via this domain and scan devices for malware. Report the domain to security platforms like VirusTotal, URLVoid, and PhishTank to expedite takedown. Organizations should block 172.66.44.52 at the network level and warn employees about this specific crypto drainer campaign. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.52 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/d3e7a721-69a1-4985-933e-73ac171a7c16 - PhishDestroy: https://phishdestroy.io/domain/xchngbng.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/xchngbng.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/xchngbng.pages.dev/ Last updated: 2026-03-28