# onch.click — SUSPICIOUS

> onch.click was identified in a phishing scheme with low risk. Stay vigilant and avoid interaction. Check latest updates on onch.click safety.

## Summary
PhishDestroy has identified the domain onch.click as a generic phishing threat. This low-risk classification stems from its association with phishing activities, primarily aiming to deceive users by masquerading as a legitimate site. While the page currently returns a 404 error, the domain's history suggests malicious intent targeted at credential theft or fraudulent engagement.

Technical indicators linked to onch.click include its registration through PDR Ltd. d/b/a PublicDomainRegistry.com and its resolution to the IP address 188.114.97.3. VirusTotal analysis reveals minimal detection, with only 2 of 95 security vendors flagging the domain, and it appears on a single security blocklist, indicating limited but notable suspicion. The domain was registered recently on March 09, 2026, which aligns with common phishing tactics of using new, disposable domains.

Currently, onch.click is offline, mitigating immediate risk to users. Its inactive status follows its detection and subsequent blocking, reducing exposure to potential victims. PhishDestroy recommends maintaining awareness of such low-profile phishing domains and encourages users to verify domain legitimacy before engagement. Continuous monitoring and timely takedown actions remain critical in managing emerging phishing threats like onch.click.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: 404

## Domain Intelligence
- Registered: 2026-03-09 01:07:01
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["owen.ns.cloudflare.com", "elaine.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["SOCRadar", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/4nHpXxTg/b76fe7976ba3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/c66fa251-7af7-41e5-b5da-705d45e8c4cd
- Wayback Machine: https://web.archive.org/web/https://onch.click
- PhishDestroy: https://phishdestroy.io/domain/onch.click/
- LLM endpoint: https://phishdestroy.io/domain/onch.click/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/onch.click/
Last updated: 2026-03-19