# tigamb.cc — SUSPICIOUS

> Security advisory for tigamb.cc — validated phishing domain. VirusTotal: 0/95 detections as of seed 026561. Check the full report.

## Summary
PhishDestroy identifies tigamb.cc as an active generic phishing domain observed in early 2026. The domain, registered on March 22, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED, appears to leverage domainsquatting patterns without targeting a specific brand. Security telemetry suggests the use of a generic drainer kit designed to harvest user credentials via spoofed login portals. Initial assessments indicate low sophistication, relying on recent registration and Let’s Encrypt certificates to establish superficial legitimacy.

Technical indicators for tigamb.cc are as follows: VirusTotal currently shows 0 detections out of 95 engines, indicating undetected malicious activity as of seed 026561. The domain resolves to 172.67.178.30 and is registered with NICENIC INTERNATIONAL GROUP CO., LIMITED. The domain was created on March 22, 2026, and secured via Let’s Encrypt certificate authority. As of the latest scan, it remains unlisted on Google Safe Browsing and has not appeared on major threat intelligence blocklists.

At present, tigamb.cc is flagged as under_investigation with an active status. The low detection rate warrants heightened monitoring due to the potential for rapid escalation as threat actors refine infrastructure. No confirmed phishing campaign attribution or victim reports have been validated to date. Users and organizations are advised to avoid interaction and implement network or DNS-level blocking of 172.67.178.30 and the domain itself. Remaining risk is assessed as medium pending further intelligence updates, emphasizing the importance of proactive threat hunting and user awareness to counter emerging phishing vectors.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-22 20:27:24
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.178.30

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/tigamb.cc
- PhishDestroy: https://phishdestroy.io/domain/tigamb.cc/
- LLM endpoint: https://phishdestroy.io/domain/tigamb.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tigamb.cc/
Last updated: 2026-04-07