# shokeauth.com — MALICIOUS

> shokeauth.com is flagged for phishing risks. Exercise caution and avoid sharing personal info on this suspicious domain.

## Summary
PhishDestroy identifies shokeauth.com as a medium-risk domain linked to generic phishing activities. This classification reflects concerns about potential attempts to deceive users into divulging sensitive information such as login credentials or financial details.

The domain shokeauth.com resolves to the IP address 58.64.137.69 and was registered recently on February 10, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED. Its newness, combined with partial detection by 5 out of 95 security vendors on VirusTotal, strengthens the suspicion that it may be involved in malicious campaigns. The registrar and hosting details align with common patterns observed in phishing infrastructure, raising further red flags.

Users should avoid interacting with shokeauth.com or providing any personal data on the site. PhishDestroy recommends blocking this domain where possible and monitoring for related phishing attempts. The domain remains active, and vigilance is advised until it becomes inactive or is verified as safe through further analysis.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Target brand: OKX

## Domain Intelligence
- Registered: 2026-03-05 19:07:02
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 58.64.137.69
- IP Country: HK
- IP City: Tung Chung
- IP Org: AS17444 HKBN Enterprise Solutions Limited
- Nameservers: ["expired-ns1.niceisp.com", "expired-ns2.niceisp.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: ["alphaMountain.ai", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "SOCRadar", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbf4f-4377-739a-a2c4-679a2ec5b481.png
- Wayback Machine: https://web.archive.org/web/https://shokeauth.com
- PhishDestroy: https://phishdestroy.io/domain/shokeauth.com/
- LLM endpoint: https://phishdestroy.io/domain/shokeauth.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/shokeauth.com/
Last updated: 2026-03-19