# dexrsceener.cc — SUSPICIOUS

> dexrsceener.cc is an active crypto drainer skimmer flagged by 4 of 95 VirusTotal vendors. This credential theft domain raised elevated risks.

## Summary
PhishDestroy identifies dexrsceener.cc as an active credential theft domain masquerading as a legitimate scanner interface.

This domain was flagged by 4 of 95 VirusTotal vendors, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolving to IP 188.114.97.3, and created on June 24, 2025. The page title www.www.dexrsceener.cc is an anomalous format suggesting redirection or obfuscation, with a low trust score from security vendors.

This domain remains active and high-risk. Organizations and users should block access to dexrsceener.cc at the network and endpoint levels. Implement firewall rules to block the IP 188.114.97.3. Conduct user awareness training to recognize false scanner pages and avoid inputting sensitive credentials. Report the domain to threat intelligence platforms and security vendors for continued monitoring. Monitor network traffic for connections to associated infrastructure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Page title: www.www.dexrsceener.cc

## Domain Intelligence
- Registered: 2025-06-24 16:22:56
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e76f95cf-9ef3-4d99-8c52-71f89aa84ad7
- PhishDestroy: https://phishdestroy.io/domain/dexrsceener.cc/
- LLM endpoint: https://phishdestroy.io/domain/dexrsceener.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dexrsceener.cc/
Last updated: 2026-03-25