# tiowax.com — MALICIOUS

> Warning: Tiowax.com is a phishing site posing as a crypto casino. Avoid interacting with it as it’s now offline but was flagged for malicious activity.

## Summary
PhishDestroy identifies Tiowax.com as a medium-risk phishing domain designed to deceive users by masquerading as a popular online crypto casino. Its goal is to trick visitors into divulging sensitive information, potentially leading to financial loss or account compromise. This kind of threat is particularly concerning in the cryptocurrency space where transactions are irreversible and privacy is critical.

The domain was registered through NiceNIC International Group Co., Limited on March 2, 2026, and has appeared on at least one security blocklist. VirusTotal scans reveal that 6 out of 95 security vendors flagged the site, indicating some level of malicious activity detection. The domain resolved to IP address 188.114.97.3 before it was taken offline. Gridinsoft assigned it a very low trust score of 1 out of 100, underscoring its suspicious nature. Tiowax.com’s page title suggested a blockchain-based crypto casino, likely a lure to attract cryptocurrency enthusiasts.

Users are advised to avoid visiting Tiowax.com or interacting with any communications referencing this domain. Given that the site is currently offline, immediate risk is reduced, but caution should remain high with any related phishing attempts. Users should never share credentials or financial information on unverified platforms and should update security software regularly. Reporting any suspicious crypto gambling sites to security teams can also help mitigate the spread of such threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Tiowax: Most Popular Online Crypto Casino Based on Blockchain

## Domain Intelligence
- Registered: 2026-03-02 15:00:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ben.ns.cloudflare.com kelly.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: ["ADMINUSLabs", "Fortinet", "G-Data", "Kaspersky", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/Kjjyh75G/3bf82f504cfa.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8cb8b58c-6794-4fe1-812e-dea00f1157b6
- PhishDestroy: https://phishdestroy.io/domain/tiowax.com/
- LLM endpoint: https://phishdestroy.io/domain/tiowax.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tiowax.com/
Last updated: 2026-03-19