# verizon.ticxsoih.cc — MALICIOUS

> The domain verizon.ticxsoih.cc poses a high phishing risk. Avoid interaction and verify site authenticity before entering personal data.

## Summary
PhishDestroy identifies verizon.ticxsoih.cc as a high-risk generic phishing domain actively impersonating Verizon to lure victims with fake deals on phones, internet services, and accessories. This deceptive tactic aims to steal sensitive data such as login credentials and financial details by exploiting trust in the established Verizon brand. The domain’s phishing nature and current activity status amplify its threat potential to unsuspecting users.

The domain was registered recently on January 12, 2026, through Gname.com Pte. Ltd., a registrar sometimes associated with transient or fraudulent registrations. It resolves to IP address 172.67.195.105, which is linked to infrastructure often used by malicious actors. VirusTotal analysis flags this domain as suspicious with 14 out of 95 security vendors identifying it as a threat. Additionally, it appears on at least one security blocklist, underscoring its recognized malicious intent within threat intelligence communities.

Currently, verizon.ticxsoih.cc remains active and continues to present a significant risk to internet users. PhishDestroy recommends avoiding any interaction with this domain, refraining from entering personal or payment information, and reporting any suspicious activity related to this or similar phishing sites. Organizations and individuals should implement domain filtering and maintain updated security solutions to mitigate exposure from this ongoing phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Verizon Deals: Save on Phones, Internet, Accessories | Verizon

## Domain Intelligence
- Registered: 2026-01-12 08:20:39
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 172.67.195.105
- Nameservers: ["A.SHARE-DNS.COM", "B.SHARE-DNS.NET"]
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "Cluster25", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bb4e0-479f-7681-96ba-2753de60ca17.png
- PhishDestroy: https://phishdestroy.io/domain/verizon.ticxsoih.cc/
- LLM endpoint: https://phishdestroy.io/domain/verizon.ticxsoih.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/verizon.ticxsoih.cc/
Last updated: 2026-03-19