# wick-verify.us.ci — MALICIOUS

> wick-verify.us.ci is a credential phishing domain with 9/95 VirusTotal detections. Check the full report for analysis and safety guidance.

## Summary
PhishDestroy identifies wick-verify.us.ci as an active credential phishing domain targeting unsuspecting users. The domain mimics legitimate verification services to harvest login credentials, likely leveraging a drainer kit designed to siphon sensitive data from victims. No specific brand impersonation is confirmed at this stage, but the fraudulent verification theme suggests a broader campaign aimed at compromising accounts across multiple platforms. The infrastructure appears hastily assembled, indicating opportunistic rather than targeted attacks.  wick-verify.us.ci resolves to IP 216.24.57.7 and was registered through Netim on November 12, 2025. VirusTotal reports a detection score of 9/95 security vendors, signaling moderate but concerning recognition by the security community. The domain holds a Google Trust Services SSL certificate, which may lend it an air of legitimacy to bypass initial scrutiny. Security blocklists including OISD and CERT-PL have already flagged this domain, confirming its malicious nature. The domain's recent creation aligns with a pattern of short-lived fraudulent sites designed to evade prolonged detection.  As of the latest assessment, wick-verify.us.ci remains active and poses an elevated risk to potential victims. Immediate response actions include continued blocking by OISD and CERT-PL, but the domain's recent registration and SSL certification highlight the need for proactive monitoring. Users should avoid interacting with this domain and report any suspicious communications to their IT security teams or local CERT. The remaining risk is elevated due to the domain's recent activation and partial SSL validation, which may deceive less cautious users. Enhanced user education on credential phishing tactics and robust multi-factor authentication remain critical defenses against such threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-12 16:10:22
- Registrar: Netim
- IP: 216.24.57.7

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["OISD", "CERT-PL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a9b3f3c7-33f2-460a-8322-475608b2068b
- PhishDestroy: https://phishdestroy.io/domain/wick-verify.us.ci/
- LLM endpoint: https://phishdestroy.io/domain/wick-verify.us.ci/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/wick-verify.us.ci/
Last updated: 2026-03-29