# enter-ht.xyz — SUSPICIOUS

> enter-ht.xyz is an active HTX brand impersonation phishing site with 0/95 VirusTotal detections. Investigate further in our full report.

## Summary
PhishDestroy identifies enter-ht.xyz as an active domain engaged in HTX brand impersonation, posing as the legitimate HTX cryptocurrency exchange platform. The threat actor leverages domain spoofing tactics, including the inclusion of 'HT' in the domain name to mimic the official HTX branding. This site is designed to deceive users into entering sensitive credentials or financial information under the false pretense of a legitimate service.  This domain was flagged for analysis on April 01, 2026, due to its suspicious characteristics. VirusTotal currently shows 0/95 detections, indicating that traditional antivirus and security tools have not yet flagged it. The domain is registered through PDR Ltd. d/b/a PublicDomainRegistry.com and resolves to IP address 104.21.81.2. The SSL certificate, issued by Let's Encrypt, adds a false sense of legitimacy, further aiding the phishing operation. These indicators suggest a newly deployed or stealthily operated campaign targeting HTX users.  If you have visited enter-ht.xyz, immediately cease any interaction with the site. Disconnect from any sessions and log out of your HTX account from a verified device. Scan your device for malware using up-to-date security software. Change your HTX account password via the official HTX website, and enable two-factor authentication if not already active. Report the incident to HTX support and consider monitoring your account for unauthorized transactions. Avoid clicking on any links from unsolicited emails or messages related to this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: HTX

## Domain Intelligence
- Registered: 2026-04-01 18:25:21
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 104.21.81.2

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/enter-ht.xyz
- PhishDestroy: https://phishdestroy.io/domain/enter-ht.xyz/
- LLM endpoint: https://phishdestroy.io/domain/enter-ht.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/enter-ht.xyz/
Last updated: 2026-04-02