Mods - apologies if this is mis-placed....
EDIT: sorry, since posting this I realise that I fell for a phishing site. Please do not go there. In fact, I will remove the search terms from the post below.
The other day I either got scammed/hacked or did something to my ERC20 wallet that made it inaccessible. I suspect the former, but just in case, I hope for some advice.
I made a mistake of talking online (Telegram) to a person possibly impersonating a mod from an altcoin chatroom. We were troubleshooting some staking functionality and in the process of doing so I entered (pasted in) private key / mnemonics onto a site that I thought was safe (in fact you can run it offline, which I did NOT do). I hesitate to post it here just in case this message gets flagged as a scam, but if you search 'xpub' and '[removed]' you will find it. (Please do not enter any of private keys there just in case). About an hour after doing so, I found that most of my tokens got moved to a different address, which I don't (think I) have control over. edit: note that I did not show my private key in the chat room, but I did reveal the address.
So my question is - did I get scammed (ie contents of my clipboard with the private keys get intercepted by the Telegram chat participant) or is it possible that I inadvertently altered/moved my tokens to a different address via the above site. I suspect I am dreaming thinking that I can recover them, but it is worth asking. I admit that I don't know enough about the generation of private keys from mnemonic phrases and the relationship to the public key/address.
Finally - yes, I realise that I likely did a stupid thing. And I have been in crypto for 4+ years.... sigh