# www.zhgwexpouy.net — SUSPICIOUS > Beware: zhgwexpouy.net hosts a tech support scam detected on Feb 5, 2026. Check the full report. ## Summary PhishDestroy identifies zhgwexpouy.net as a domain engaged in generic phishing, likely impersonating a tech support scam to deceive users into revealing sensitive information or installing malicious software. The domain utilizes a DigiCert Inc SSL certificate to appear legitimate, though its recent creation and suspicious activity raise immediate concerns. No known drainer kit has been linked to this domain as of yet, but its structure and behavior align with common phishing tactics targeting unsuspecting victims through fake error messages or system alerts. This domain was flagged with a VirusTotal detection score of 0/95, indicating it has not yet been widely recognized as malicious by security vendors. Registered through Amazon Registrar, Inc., it resolves to IP address 43.175.162.104 and was created on February 05, 2026. Google Safe Browsing (GSB) has not yet blacklisted this domain, and it remains unlisted on major blocklists, leaving a window of opportunity for attackers to exploit. The domain's recent creation and lack of detection underscore the importance of proactive monitoring and user vigilance. The current status of zhgwexpouy.net is active, with the threat under investigation by PhishDestroy and other security researchers. Immediate response actions include increasing monitoring of the domain, analyzing its network traffic for patterns, and updating browser-based blocklists to prevent user exposure. Remaining risk is classified as under investigation, meaning further analysis is required to determine the full scope of its operations and potential impact. Users are advised to avoid interacting with this domain and report any suspicious encounters to their security teams or relevant authorities. Proactive measures such as disabling unnecessary browser plugins, using ad-blockers, and verifying SSL certificates before entering sensitive information can mitigate exposure to such threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-05 10:24:00 - Registrar: Amazon Registrar, Inc. - IP: 43.175.162.104 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/www.zhgwexpouy.net - PhishDestroy: https://phishdestroy.io/domain/www.zhgwexpouy.net/ - LLM endpoint: https://phishdestroy.io/domain/www.zhgwexpouy.net/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/www.zhgwexpouy.net/ Last updated: 2026-03-22