# ftjzh.com — SUSPICIOUS

> ftjzh.com serves as a fake tech support scam, detected by 0/95 engines on VirusTotal. Check the full report.

## Summary
PhishDestroy identifies ftjzh.com as a confirmed active phishing domain deployed for fraudulent tech support schemes. This domain mimics legitimate service portals to deceive users into disclosing payment credentials or granting remote access to threat actors. The server’s recent creation and undetected status on VirusTotal indicate an evolving campaign targeting less technical users through social engineering and impersonation tactics. Security teams should classify this domain as HIGH PRIORITY due to the potential for credential harvesting and financial loss.  This domain was flagged by PhishDestroy with the following technical indicators: VirusTotal detection ratio is 0 out of 95 security engines as of the report date, indicating zero proactive blocking across industry tools; SSL certificate is issued by Google Trust Services, leveraging the CA’s reputation to avoid browser warnings; domain registration was handled through NameSilo, LLC, a registrar frequently abused by malicious actors for bulletproof hosting; the server resolves to IP 172.67.173.44, linked to Cloudflare infrastructure often exploited to obfuscate origin; domain creation occurred on June 26, 2025, reflecting an extremely recent campaign lifecycle. Despite the absence of public blocklists, the combination of fresh registration, low detection, and trust certificate issuance suggests preemptive avoidance rather than confirmed innocence.  To mitigate exposure to this tech support scam, users should immediately block ftjzh.com at the DNS and firewall level using threat intelligence feeds. Enterprises are advised to update proxy rules, email security gateways, and browser allowlists to deny access to this domain. If interaction has already occurred, disconnect from the network, scan for unauthorized remote access tools, revoke any entered credentials, and file incident reports with local CERT teams. Monitor outbound DNS queries for related domains to detect lateral movement. Avoid visiting the site entirely, as the SSL certificate provides no safety guarantee—trust certificates only validate encryption, not legitimacy.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-06-26 11:56:09
- Registrar: NameSilo, LLC
- IP: 172.67.173.44

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/ftjzh.com
- PhishDestroy: https://phishdestroy.io/domain/ftjzh.com/
- LLM endpoint: https://phishdestroy.io/domain/ftjzh.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ftjzh.com/
Last updated: 2026-04-06