# im-tokenex.cc — MALICIOUS

> Im-tokenex.cc is flagged for phishing and social engineering risks. Avoid this site to protect your info. Check safety now with PhishDestroy.

## Summary
PhishDestroy identifies im-tokenex.cc as a high-risk phishing domain designed to deceive users. Despite being taken offline, this suspicious site was associated with social engineering tactics that aim to trick visitors into sharing sensitive information such as login credentials or financial data. The domain's recent creation date and multiple security blocklist appearances add to its risk profile.

This phishing scheme typically works by mimicking legitimate services or platforms to gain users’ trust. Victims may have been lured by fake prompts or messages encouraging them to input private details, which attackers could then misuse for fraud or identity theft. Google Safe Browsing's classification of the domain as "SOCIAL_ENGINEERING" further confirms its intent to manipulate users into unsafe actions.

If you accessed im-tokenex.cc, it is important to immediately change any passwords or security information you may have entered. Monitor your accounts closely for suspicious activity and consider enabling two-factor authentication. Running a comprehensive security scan on your device is also recommended to detect any potential malware. Always verify website URLs carefully and use trusted security tools to avoid falling victim to such scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)

## Domain Intelligence
- Registered: 2025-09-04 15:08:46
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- Nameservers: ["PHOENIX.NS.CLOUDFLARE.COM", "TERIN.NS.CLOUDFLARE.COM"]

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Seclookup", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/924dc733-7121-46cc-9fed-978759856b06
- PhishDestroy: https://phishdestroy.io/domain/im-tokenex.cc/
- LLM endpoint: https://phishdestroy.io/domain/im-tokenex.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/im-tokenex.cc/
Last updated: 2026-03-19