# pc.htecmaroketsmw.cc — SUSPICIOUS

> pc.htecmaroketsmw.cc mimics OKX exchange to steal credentials. Google Safe Browsing flags this active phishing domain. Check the full report.

## Summary
PhishDestroy identifies pc.htecmaroketsmw.cc as an active brand-impersonation phishing domain targeting OKX users. This domain employs deceptive naming conventions—“htecmaroketsmw” deliberately mirrors OKX to mislead visitors into believing they are interacting with the legitimate OKX platform. No evidence of a drainer kit or advanced JavaScript-based theft mechanisms has been observed at this time; however, the domain’s sole purpose is to harvest login credentials and sensitive financial data under the guise of a trusted exchange interface.

Technical analysis reveals this domain was registered on September 04, 2025, through Gname.com Pte. Ltd., a registrar known for accommodating high-risk registrations. The domain resolves to IP address 188.114.96.3 and is secured with a Google Trust Services SSL certificate, likely intended to add false legitimacy. According to VirusTotal, the domain remains undetected by security engines with a 0/95 detection score as of the latest scan. Google Safe Browsing has flagged the domain under the SOCIAL_ENGINEERING category, indicating active deception. The domain is currently listed in 1 blocklist, though additional monitoring is required due to its recent creation and evolving infrastructure.

The domain is currently classified as ACTIVE with a risk level marked UNDER_INVESTIGATION. Despite its low detection rate and recent registration, the presence of a SOCIAL_ENGINEERING flag from Google Safe Browsing and the impersonation of a major cryptocurrency exchange warrant immediate caution. Users should avoid interacting with this domain and report it through official channels. Security teams are advised to block the domain at the network level and monitor for associated IP ranges. Remaining risk is assessed as MODERATE due to the domain’s active status, but continued analysis is essential as threat actors may rapidly evolve infrastructure or deploy additional malicious payloads.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: OKX

## Domain Intelligence
- Registered: 2025-09-04 05:13:36
- Registrar: Gname.com Pte. Ltd.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/pc.htecmaroketsmw.cc
- PhishDestroy: https://phishdestroy.io/domain/pc.htecmaroketsmw.cc/
- LLM endpoint: https://phishdestroy.io/domain/pc.htecmaroketsmw.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pc.htecmaroketsmw.cc/
Last updated: 2026-04-10