# wepetokendapps.pages.dev — SUSPICIOUS > wepetokendapps.pages.dev is a crypto drainer posing as OKX, with 0/95 VirusTotal detections. Verify before interacting to avoid asset loss. ## Summary PhishDestroy identifies wepetokendapps.pages.dev as an active brand impersonation domain targeting OKX users. This domain is designed to deceive visitors into believing they are interacting with the legitimate OKX platform, potentially leading to the unauthorized transfer of cryptocurrency assets. The threat actor leverages Cloudflare’s Pages service to host the fraudulent page, which is currently unresolved by most antivirus engines, with VirusTotal reporting 0 detections out of 95 scans. This domain was flagged for its clear intent to impersonate OKX, a major cryptocurrency exchange. The domain resolves to IP address 172.66.44.59 and utilizes a Google Trust Services SSL certificate to appear legitimate. While the creation date is not explicitly provided, the use of Cloudflare Pages suggests recent deployment, and the absence of detections on VirusTotal indicates it remains under the radar of many security vendors. Users who have visited this domain should immediately check their crypto wallets for unauthorized transactions. If any suspicious activity is detected, revoke any connected permissions and report the incident to OKX support. Avoid interacting with any requests for private keys or seed phrases, as these are clear signs of a crypto drainer. Use a reputable ad-blocker or security extension to block known malicious domains and consider reporting this domain to PhishDestroy for further analysis. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: OKX ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.59 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/29207538-2a7e-450f-a2c8-f55471d62886 - PhishDestroy: https://phishdestroy.io/domain/wepetokendapps.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/wepetokendapps.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/wepetokendapps.pages.dev/ Last updated: 2026-03-29