# oe806.cn — SUSPICIOUS

> oe806.cn is a credential theft site mimicking popular services; VirusTotal shows 0/95 detections. Avoid entering any login details. Check before you click.

## Summary
PhishDestroy identifies oe806.cn as an active credential theft scam designed to steal user login details. This domain poses as a legitimate service to trick visitors into submitting sensitive information such as usernames, passwords, or recovery emails. Once harvested, attackers can use these credentials to access real accounts, leading to identity theft, financial loss, or further phishing campaigns targeting contacts in the victim’s network. The site’s operators rely on urgency and social engineering tactics, such as fake login prompts or “account suspension” alerts, to pressure users into acting without verifying the site’s authenticity.  This domain was flagged after security analysis revealed multiple red flags. oe806.cn was created on April 20, 2025, which is unusually recent for a legitimate domain, and it is registered through 北京新网数码信息技术有限公司, a registrar commonly used by malicious actors due to lax oversight. VirusTotal currently shows 0 out of 95 security engines detecting the domain as malicious, highlighting how new or evasive threats often evade detection until reported by users or researchers. Despite using a Let’s Encrypt SSL certificate, which may falsely imply trustworthiness, the domain’s infrastructure and registration details strongly suggest malicious intent. The server hosting the site is located at IP address 156.238.249.11, which has been linked to other suspicious activities in threat intelligence feeds.  If you visited oe806.cn, stop immediately and check your accounts for unauthorized access. Do not enter any login credentials or personal information. If you used the same password elsewhere, change it on all related accounts and enable two-factor authentication. Run a full scan using updated antivirus software and consider revoking any browser permissions granted to the site. Report the domain to your security team or platform provider, and avoid clicking any links from unsolicited emails or messages. Always verify the URL and use official channels before submitting sensitive data. Staying cautious and verifying websites before interaction can prevent credential theft and protect your digital identity.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-04-20 22:22:01
- Registrar: 北京新网数码信息技术有限公司
- IP: 156.238.249.11

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9e1e1924-a4a4-4008-984d-083e2585654f
- PhishDestroy: https://phishdestroy.io/domain/oe806.cn/
- LLM endpoint: https://phishdestroy.io/domain/oe806.cn/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/oe806.cn/
Last updated: 2026-03-22