# okx-web3-usdt-trc20-00000000001.pages.dev — SUSPICIOUS > okx-web3-usdt-trc20-00000000001.pages.dev impersonates OKX in a TRC-20 USDT phishing scam. 0/95 VirusTotal detections — Check the full report. ## Summary okx-web3-usdt-trc20-00000000001.pages.dev has been flagged as an active brand-impersonation phishing site masquerading as OKX’s TRC-20 USDT service. The domain is categorized as a high-risk threat due to its deliberate misuse of the OKX brand to deceive users into divulging credentials or transferring cryptocurrency under false pretenses. PhishDestroy assesses the threat level as active and under investigation, with indicators pointing to ongoing malicious operations targeting cryptocurrency users familiar with OKX’s legitimate services. This domain was flagged with a VirusTotal detection rate of 0/95 at the time of analysis, indicating it remains undetected by mainstream antivirus engines despite clear signs of impersonation. The site is hosted on Cloudflare Pages and resolves to IP address 172.66.44.238, utilizing a Google Trust Services SSL certificate to enhance its appearance of legitimacy. While the creation date is not provided, the domain’s structure—using Cloudflare’s pages.dev subdomain and a numeric suffix mimicking official transaction IDs—suggests a recent deployment aimed at capitalizing on user trust in established exchanges. No current listings on major blocklists were detected at the time of assessment, emphasizing the need for proactive monitoring and user vigilance. Users are advised to avoid interacting with this domain and to verify any cryptocurrency-related URLs through official OKX channels before taking action. Organizations should implement DNS filtering to block access to the domain and related IP addresses. Additionally, security teams are encouraged to monitor for similar domains using Cloudflare Pages and TRC-20-themed lures, as this campaign may expand or evolve. Report the domain to OKX’s abuse team and relevant threat intelligence platforms to aid in broader mitigation efforts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: OKX ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.238 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/45a26f59-61c6-4e27-b21f-8523e36bdac5 - PhishDestroy: https://phishdestroy.io/domain/okx-web3-usdt-trc20-00000000001.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/okx-web3-usdt-trc20-00000000001.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/okx-web3-usdt-trc20-00000000001.pages.dev/ Last updated: 2026-03-28