# gro25b.com — SUSPICIOUS

> Beware of gro25b.com, a phishing site posing risks to your data. Avoid interaction and verify website safety before sharing info.

## Summary
PhishDestroy identifies gro25b.com as an active phishing domain posing a medium risk level to users. This domain is involved in generic phishing activities designed to steal sensitive information such as login credentials or financial data. Given its recent creation date and suspicious behavior, users should exercise caution and treat any interaction with this domain as potentially harmful.

The domain gro25b.com was registered on March 05, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar commonly associated with high-risk domains. It resolves to the IP address 192.142.10.5 and has been flagged by 4 out of 95 security vendors on VirusTotal, confirming some consensus on its malicious intent. These indicators highlight an infrastructure that supports ongoing phishing campaigns targeting unsuspecting internet users.

Users are strongly advised to avoid visiting gro25b.com and never submit personal or financial information on this site. If you encounter this domain, do not click links or download any content from it. Instead, report the phishing attempt to your security team or use tools like PhishDestroy to verify domain safety. Staying vigilant and cautious is crucial to prevent falling victim to cyber threats leveraged through such active phishing domains.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: GRO25B Official Website Presale (up to 200% bonus)

## Domain Intelligence
- Registered: 2026-03-05 09:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 192.142.10.5
- IP Country: NL
- IP City: Amsterdam
- IP Org: AS214036 Ultahost, Inc.
- Nameservers: pola.ns.cloudflare.com,sergi.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["G-Data", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/7JnsMMQ0/f1c12fb819fa.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7bb524f5-0c88-48cc-bb6d-80f8f2aea8ef
- Wayback Machine: https://web.archive.org/web/https://gro25b.com
- PhishDestroy: https://phishdestroy.io/domain/gro25b.com/
- LLM endpoint: https://phishdestroy.io/domain/gro25b.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gro25b.com/
Last updated: 2026-03-19