# t-mobile.jronr.icu — MALICIOUS

> Beware of t-mobile.jronr.icu – a confirmed phishing site targeting users. Learn how to stay safe and avoid falling victim to scams.

## Summary
PhishDestroy identifies t-mobile.jronr.icu as a high-risk phishing domain that poses significant danger by attempting to steal sensitive information such as login credentials and personal data. Users visiting this site risk having their information compromised.

This phishing scheme works by impersonating T-Mobile’s branding to deceive users into entering confidential details. The domain is actively flagged on security blocklists and is recognized by multiple security vendors, highlighting its malicious intent.

If you have visited t-mobile.jronr.icu, immediately avoid entering any personal data and run a full antivirus scan. Change any passwords that might have been disclosed and monitor your accounts for suspicious activity to protect yourself from potential fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 172.67.206.108
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["ADMINUSLabs", "CRDF", "CyRadar", "Fortinet", "Gridinsoft", "Lionic", "SOCRadar", "Sophos", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b90d3-f594-77f6-ad84-28bf3329b9b6.png
- PhishDestroy: https://phishdestroy.io/domain/t-mobile.jronr.icu/
- LLM endpoint: https://phishdestroy.io/domain/t-mobile.jronr.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/t-mobile.jronr.icu/
Last updated: 2026-03-19