# chromewebstoreimtoken.pages.dev — SUSPICIOUS

> chromewebstoreimtoken.pages.dev is a brand impersonation site mimicking OKX with 0/95 VirusTotal detections. Remove access to funds now.

## Summary
PhishDestroy identifies chromewebstoreimtoken.pages.dev as a brand impersonation scam page that poses as an official OKX Chrome extension from the Web Store. The site attempts to trick visitors into downloading a malicious browser extension designed to drain cryptocurrency wallets. Once installed, such crypto drainers silently connect to blockchain networks and transfer tokens to attacker-controlled addresses, often without the user's knowledge. This type of threat is particularly dangerous because it abuses the trust associated with well-known brands like OKX to gain credibility and increase infection rates.

This domain was flagged with a brand impersonation threat, resolving to IP 188.114.97.3 through Cloudflare. VirusTotal currently shows 0 out of 95 security engines detecting the page, indicating it has not yet been widely recognized as malicious. The use of Cloudflare’s infrastructure suggests the operators are leveraging a reputable CDN to evade detection and maintain availability. Such sites are frequently hosted on free or low-cost platforms to minimize operational costs while maximizing reach.

If you visited chromewebstoreimtoken.pages.dev or downloaded anything from it, disconnect your device from the internet immediately. Use a trusted antivirus or malware scanner to perform a full system check, focusing on browser extensions and recently installed software. Revoke any permissions granted to unknown or suspicious extensions in your wallet and browser settings. Transfer remaining funds to a clean wallet as soon as possible and consider using a hardware wallet for added security. Always download browser extensions directly from official sources and verify the publisher before installation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: OKX

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- PhishDestroy: https://phishdestroy.io/domain/chromewebstoreimtoken.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/chromewebstoreimtoken.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/chromewebstoreimtoken.pages.dev/
Last updated: 2026-03-26