# yazhi-fx.com — SUSPICIOUS

> yazhi-fx.com is a new phishing domain impersonating a financial service. It currently evades detection with 0/95 VirusTotal detections.

## Summary
Threat advisory for domain yazhi-fx.com: A credential harvesting operation is suspected under active investigation by security teams.

This domain was flagged by 0 of 95 VirusTotal vendors, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolves to IP 172.67.183.14. The domain was created on March 17, 2026, and currently operates under an SSL certificate issued by Let's Encrypt. No blocklist entries or trust score reductions have been observed at this time.

While the investigation remains under way, organizations should proactively block yazhi-fx.com at the network perimeter and DNS level. Users who encounter this domain should report it immediately to their security team and avoid any interaction. Monitoring for lateral movement or credential reuse is strongly advised due to the active status of this threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-17 20:56:48
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.183.14

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/yazhi-fx.com
- PhishDestroy: https://phishdestroy.io/domain/yazhi-fx.com/
- LLM endpoint: https://phishdestroy.io/domain/yazhi-fx.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/yazhi-fx.com/
Last updated: 2026-03-20