# cpr-broker.co — SUSPICIOUS

> PhishDestroy identifies cpr-broker.co as a live OKX brand impersonation phishing site. VirusTotal shows 0/95 detections. View the full threat report now.

## Summary
PhishDestroy identifies cpr-broker.co as an active brand impersonation phishing domain targeting OKX users. This fraudulent site mimics the legitimate OKX platform to deceive visitors into surrendering sensitive login credentials or financial data. The domain resolution to IP 188.114.97.3 and recent SSL certificate issuance by Google Trust Services suggest an attempt to appear legitimate at first glance. Threat actors registered the domain through CNOBIN INFORMATION TECHNOLOGY LIMITED on February 16, 2026, indicating a newly established infrastructure actively engaged in deceptive operations.  This domain poses a high risk due to its specific targeting of OKX users and its current lack of detection on VirusTotal, which shows 0/95 detections as of the latest scan. The technical indicators, including the IP resolution and SSL certificate, are consistent with phishing campaigns designed to bypass initial security checks. While the domain has not yet been widely flagged on blocklists, its recent creation and active status warrant immediate attention from security teams and users alike. The absence of detections highlights the sophisticated nature of this impersonation attempt, making it a critical threat to monitor.  Users who have visited cpr-broker.co should immediately assess their exposure by checking for any entered credentials or financial information. If any data was submitted, users must change their OKX account passwords immediately and enable multi-factor authentication (MFA). Additionally, users should scan their devices for malware using reputable security software and monitor their accounts for unauthorized transactions. Reporting the domain to OKX and relevant cybersecurity authorities can help mitigate further risks. Proactive vigilance and swift action are essential to prevent potential financial or data loss from this phishing scam.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: OKX

## Domain Intelligence
- Registered: 2026-02-16 07:36:52
- Registrar: CNOBIN INFORMATION TECHNOLOGY LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6968df6c-148c-4462-a524-9f74c36dd8c0
- PhishDestroy: https://phishdestroy.io/domain/cpr-broker.co/
- LLM endpoint: https://phishdestroy.io/domain/cpr-broker.co/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cpr-broker.co/
Last updated: 2026-03-28