ooo.ouyi.one
Category: Phishing And Fraud
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of ooo.ouyi.one
This website appears to present itself as an OKX/欧易 application download center for cryptocurrency users, offering Android, iOS, and Windows client downloads. The page title, metadata, and screenshot all suggest that it is targeting Chinese-speaking visitors who are looking for a trading-platform app installer rather than a general informational website.
Based on the domain name and page content, the site does not appear to use an official primary brand domain for OKX. Instead, it uses the unrelated host ooo.ouyi.one while prominently displaying OKX and 欧易 branding, download buttons, and platform-specific installation paths such as /apk/, /ios/, /win/, and /okx/. This setup may indicate an unofficial mirror, a brand look-alike download page, or a phishing-oriented distribution site impersonating a cryptocurrency platform.
Safety Assessment for ooo.ouyi.one
Multiple independent signals raise concern about this domain at the time of this scan. It was flagged by 12 out of 91 security engines, and several web-classification providers categorized it as phishing or fraud-related. In addition, one blacklist database listed the domain, and the malware scan reported multiple flagged files and links associated with the site, including download-related paths and branded assets.
The page content also appears to imitate the OKX/欧易 brand while using a non-official-looking domain. That kind of mismatch between branding and domain identity can be consistent with credential theft, fake app distribution, or other social-engineering activity, especially in the cryptocurrency space where look-alike download pages are commonly abused. The very low trust score, lack of ranking, and relatively new domain age further add to the risk profile.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The domain uses a valid Let's Encrypt SSL certificate and is served over HTTPS from an nginx web server at IP address 156.255.3.241, hosted by UFO Network in Hong Kong. While the presence of TLS helps encrypt traffic in transit, it does not by itself indicate legitimacy. DNSSEC appears to be unsigned, and the domain is relatively new, with registration dating to 2025-07-07.
From a technical-risk perspective, the scan identified numerous flagged internal URLs tied to app-download and redirect paths, along with multiple flagged external references. The combination of branded download pages, redirect scripts, and repeated malicious/phishing classifications suggests the infrastructure may be set up to distribute deceptive content or route users toward unwanted downloads.
Share your experience with this website. Was it safe? Did you encounter any issues?