Skip to content

pha.cc Security Report & Trust Score

Online Last scanned: March 8, 2026
18 /100 High Risk

Category Crypto

PHA.cc is a cryptocurrency storage and trading platform celebrating its anniversary with millions of registered users, functioning as a crypto wallet or exchange service.

About pha.cc

pha.cc is a website categorized as Crypto. PHA.cc is a cryptocurrency storage and trading platform celebrating its anniversary with millions of registered users, functioning as a crypto wallet or exchange service. It was last analyzed on March 8, 2026 and currently scores 18/100, which we rate as High Risk.

The site is hosted by AS13335 Cloudflare, Inc. in San Francisco, United States. The server runs cloudflare. It resolves to the IP address 172.67.147.216.

5 of 94 antivirus engines flag this domain.

With a trust score of 18/100, pha.cc sits in the highest-risk band of our scale. Multiple independent signals align with patterns commonly seen on fraudulent platforms. Exercise extreme caution before interacting with this website in any way.

Think you've been scammed? Get a free consultation with cyber-intelligence experts

Your information is secure and confidential.

Is pha.cc safe to use?

Based on our last scan on March 8, 2026, pha.cc has a trust score of 18/100, which we rate as High Risk. Multiple independent signals match patterns commonly seen on fraudulent platforms, so we advise extreme caution before interacting with it in any way.

We found no official regulator warning on record for pha.cc at the time of the last scan. Keep in mind that the absence of a warning is not proof of legitimacy: fraudulent platforms often operate for months before authorities list them. A legitimate investment service is normally registered with a recognized financial authority, such as the SEC, CFTC, FCA, ASIC or the regulator in your country, and that registration can be verified directly on the authority's own website. If a platform claims a license you cannot confirm at the source, treat that claim as false.

5 antivirus engines already flag this domain. Detections tend to accumulate over time, so early flags on a young website are a meaningful warning rather than background noise.

How this kind of scam usually works

The website is rarely where the fraud begins; a real person usually is. A stranger reaches out first, on a dating app, in a chat group, through social media, or with a message you never asked for, and spends days or even months earning your trust before an "insider" or "exclusive" way to invest ever comes up. Investigators call this slow, deliberate grooming pig butchering, because the target is fed trust for weeks so the eventual loss is as large as possible.

Only after that trust is in place is the victim pointed to a slick, credible-looking platform. Everything it displays, from the account balance to the live charts and the growing profits, is invented and sits entirely under the operators' control. To seal the illusion, they may let you pull out a small sum early, which convinces you to wire in far more. The moment a serious withdrawal is requested, the story shifts: unexpected "taxes", "release fees" or "verification charges" surface, the balance is locked until you pay them, and each payment you make is simply gone.

The clone-firm trick works alongside this: fraudsters pose as a company that really does hold a license, borrowing its name, logo and registration number while running the show from a lookalike domain. That is precisely why any licensing claim has to be checked on the regulator's own site, and why the specific domain in the address bar deserves as much attention as the brand printed on the page.

Red flags worth paying attention to

  • Approached out of the blue: someone you barely know keeps nudging you toward one particular platform.
  • Too-good returns: profits pitched as certain, fixed or remarkably high while the risk is described as tiny or non-existent.
  • Artificial urgency: you are hurried along by bonuses that expire, "only a few places left", or claims that the window shuts today.
  • Odd payment channels: money is expected in crypto, in gift cards, or as a transfer into someone's personal account.
  • Phantom license: the credentials they cite are impossible to find on the regulator's official register, or no license is offered at all.
  • Blocked cash-outs: withdrawals are stalled by unexpected "taxes", "release fees" or never-ending verification hurdles.
  • Impossible growth: the account balance climbs without fail, no matter what the wider market is actually doing.

Steps to take if you have already paid

  1. Cut off contact entirely: break away from both the platform and the person who brought you to it. Every further message gives them another chance to squeeze out more, sometimes via a bogus "account manager" who claims they can sort it all out.
  2. Refuse every extra charge: do not hand over any "release fee", "tax" or "unlock charge" in the name of freeing your withdrawal. Real services take their fees out of your balance; demanding more cash up front is a scam-only move.
  3. Call your bank right away: get in touch with your bank or card provider without delay. The window for chargebacks and wire recalls is short, so reporting early gives you the best shot at recovering anything.
  4. Keep everything as evidence: hold on to screenshots of the site and your chats, emails, transaction IDs, and every wallet address you sent funds to.
  5. Flag it to the authorities: report the fraud to your country's cybercrime or consumer-protection body, and to the financial regulator where you live.
  6. Stay sceptical of recovery offers: distrust "fund recovery" specialists who reach out later promising to claw your money back for a fee paid in advance. Victim lists get resold, and this "recovery" is frequently just the scam's second round.

Threats

5 / 94 engines flagged

Antivirus engines

2
BitDefenderphishing
GG-Dataphishing

Security vendors

3
AalphaMountain.aisuspicious
CCyRadarmalicious
FForcepoint ThreatSeekermalicious

Blacklists

1 provider, all clear
  • google_safe_browsing community

Identity

SSL

CertificateValid
IssuerGoogle Trust Services
Subjectpha.cc
Valid fromFebruary 11, 2026
Valid untilMay 12, 2026
Expires inExpired 64 days ago
ProtocolTLSv1.3
CipherTLS_AES_256_GCM_SHA384
SAN
  • pha.cc
  • *.pha.cc

Server

IP address172.67.147.216
IPv6
ASNAS13335
ProviderAS13335 Cloudflare, Inc.
CountryUnited States (US)
CitySan Francisco
Server softwarecloudflare

Screenshot

Screenshot of pha.cc captured at the last scan
Captured at last scan

Forensics

Redirect chain

1
  1. https://pha.cc/index/index/home

Network & resources

Total requests 38
Unique domains 7
Total size 58.7 KB
HTTPS 100.0%

Cookies

4
NameDomainFlags
ssidpha.ccSecure HttpOnly
langpha.ccSecure HttpOnly
ss_uid.salesmartly.comSecure HttpOnly
_ss_s_uidpha.cc

Technologies

1
  • Cloudflare cdn

Uptime

Last 30 days

88.2% uptime · 4,860 ms avg response