# zoraxmobile.com — SUSPICIOUS

> zoraxmobile.com may pose a low phishing risk. Exercise caution, avoid sharing personal info, and verify site legitimacy before interacting.

## Summary
PhishDestroy identifies zoraxmobile.com as a domain linked to generic phishing activity, categorized with a low risk level. Despite being relatively new—created in October 2025—this domain has raised suspicion due to its registration through Ultahost, Inc. and partial detection by a minority of security vendors. Users should recognize that even low-risk phishing sites can compromise sensitive data if engaged.

This phishing attempt likely involves posing as a legitimate mobile services website to trick users into submitting personal or financial details. Visitors might encounter deceptive forms or prompts designed to harvest information under false pretenses. The domain's IP resolution and unusual creation date further suggest it was set up to exploit unsuspecting users quickly.

If someone has visited zoraxmobile.com, it is important to avoid entering any personal data and to run a comprehensive malware scan on their devices. Users should also monitor relevant accounts for unusual activity and consider changing passwords as a precaution. Staying vigilant against unsolicited websites and verifying URLs can help prevent falling victim to such schemes in the future.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Home - Zorax Mobile

## Domain Intelligence
- Registered: 2025-10-07 07:58:38
- Registrar: Ultahost, Inc.
- IP: 159.100.6.5
- Nameservers: ns1.ultahost.com ns2.ultahost.com ns3.ultahost.com ns4.ultahost.com

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Fortinet", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d01d9-3d01-75b8-8174-f0f71eb5d9b0.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8355f25d-910d-49f2-a762-0da0197f212d
- PhishDestroy: https://phishdestroy.io/domain/zoraxmobile.com/
- LLM endpoint: https://phishdestroy.io/domain/zoraxmobile.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/zoraxmobile.com/
Last updated: 2026-03-19