# onchnia.com — SUSPICIOUS

> onchnia.com is a phishing domain posing as a legitimate site. It was registered on October 18, 2025, and only 1 out of 95 VirusTotal scanners detected it.

## Summary
PhishDestroy identifies onchnia.com as an active phishing domain designed to steal login credentials and sensitive user data. This site mimics legitimate services to trick visitors into entering personal information, which is then harvested by attackers for fraudulent purposes. The domain is currently resolving to IP address 104.21.48.172 and is protected by a Google Trust Services SSL certificate, which may falsely enhance its appearance of legitimacy. Users who interact with this site risk exposing usernames, passwords, or financial details to malicious actors.  

This domain was flagged by PhishDestroy due to its elevated risk level and minimal detection by security vendors. VirusTotal analysis shows that only 1 out of 95 security scanners identified onchnia.com as malicious, highlighting how new and stealthy phishing campaigns can evade initial detection. The domain was registered on October 18, 2025, through Gname.com Pte. Ltd., a registrar often associated with bulk domain registrations that can obscure the true owners of fraudulent sites. The combination of a recently registered domain, low detection rates, and a deceptive SSL certificate creates a dangerous environment for unsuspecting users.  

If you have visited onchnia.com, immediately cease any interaction with the site and avoid entering personal or financial information. Check your accounts for any unauthorized access or suspicious activity, and consider changing passwords for accounts where you may have reused credentials. Report the domain to your email provider or security team to help block future access. If you entered sensitive data, monitor your financial statements and credit reports for signs of fraud. Consider enabling two-factor authentication on critical accounts to add an extra layer of security. Stay vigilant and verify the legitimacy of websites before sharing any personal information.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-18 03:41:10
- Registrar: Gname.com Pte. Ltd.
- IP: 104.21.48.172

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/onchnia.com
- PhishDestroy: https://phishdestroy.io/domain/onchnia.com/
- LLM endpoint: https://phishdestroy.io/domain/onchnia.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/onchnia.com/
Last updated: 2026-04-09