# xa55p.icu — SUSPICIOUS

> xa55p.icu is a tech support scam domain hosting fraudulent pages. VirusTotal flags 2/95 security tools. Review the full report.

## Summary
PhishDestroy identifies xa55p.icu as an active tech support scam domain operating at elevated risk. This domain was flagged for impersonating fraudulent tech support portals designed to deceive users into disclosing payment details or installing malicious software under the guise of 'technical assistance'.

This domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 30, 2026, and resolves to IP address 188.114.96.3. VirusTotal analysis shows the domain is flagged by 2 of 95 security vendors, indicating limited but present detection. The domain utilizes a Google Trust Services SSL certificate, potentially increasing its perceived legitimacy to unsuspecting victims. Despite the certificate, the low detection rate and recent creation date suggest a newly deployed or rapidly evolving threat.

Users are strongly advised to block xa55p.icu at the network level and avoid any interaction with this domain. Organizations should update firewall rules to include the IP address 188.114.96.3 and the domain xa55p.icu in blocklists. If accidental exposure occurs, avoid downloading files or entering payment information, and report the incident to relevant cybersecurity teams. Always verify unsolicited technical support requests through official channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-30 09:26:39
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8ce10446-eef5-4e0c-9a24-247c0bc5bd17
- PhishDestroy: https://phishdestroy.io/domain/xa55p.icu/
- LLM endpoint: https://phishdestroy.io/domain/xa55p.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xa55p.icu/
Last updated: 2026-03-30