# zxgdvj.cn — MALICIOUS

> The domain zxgdvj.cn is a high-risk fake login scam that steals credentials. PhishDestroy identifies 15/95 security vendors flagging this domain, which was.

## Summary

PhishDestroy identifies zxgdvj.cn as a high-risk domain engaged in generic phishing activities, specifically designed to deceive users into surrendering sensitive login credentials. This domain poses an immediate threat to online security by mimicking legitimate login portals, such as those for email services, banking platforms, or social media accounts. The sophistication of this scam lies in its ability to exploit user trust, often through phishing emails or fraudulent advertisements that direct victims to the malicious site. Once users enter their credentials, attackers can harvest this information for identity theft, financial fraud, or further targeted attacks. Given the active status of this domain and the severity of the threat it represents, users must exercise extreme caution when encountering any links or advertisements associated with zxgdvj.cn.

This domain was flagged by 15 out of 95 security vendors on VirusTotal, indicating a high level of suspicion within the cybersecurity community. zxgdvj.cn resolves to the IP address 104.21.59.150 and was registered through 包头市特木鲁网络科技有限公司, a registrar that has been associated with previous malicious domain registrations. The domain was created on May 21, 2025, making it a relatively new but rapidly active threat. It is also flagged by Google Safe Browsing as a SOCIAL_ENGINEERING site, further validating its malicious intent. Additionally, the domain utilizes a Google Trust Services SSL certificate, which may lend it an air of legitimacy to unsuspecting users. These combined factors—high vendor distrust, recent creation, association with a suspicious registrar, and inclusion on a major blocklist—paint a clear picture of a domain built for deception and credential theft.

To mitigate the risks posed by zxgdvj.cn, users should avoid interacting with any links or advertisements associated with this domain entirely. If you encounter this domain unexpectedly, do not enter any personal or login information, as it is almost certainly a trap. Organizations should consider blocking this domain at the network level to prevent accidental exposure. For added security, enable multi-factor authentication (MFA) on all accounts to minimize the impact of potential credential theft. Always verify the legitimacy of a website by checking the URL for typos or unusual domain extensions and look for HTTPS with a valid certificate issued by a trusted Certificate Authority. If you suspect you have been targeted by this scam, change your passwords immediately and monitor your accounts for suspicious activity. Report the domain to your organization’s security team or to PhishDestroy to help disrupt its operation.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2025-05-21 15:49:56
- Registrar: 包头市特木鲁网络科技有限公司
- IP: 104.21.59.150

## Detection Status

- VirusTotal: 15 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/2717fa70-9315-48b3-90f6-4de6c63c9a1b
- PhishDestroy: https://phishdestroy.io/domain/zxgdvj.cn/
- LLM endpoint: https://phishdestroy.io/domain/zxgdvj.cn/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/zxgdvj.cn/

Last updated: 2026-03-23