ScamLens analyzed gxzhrc.cn using 90+ threat intelligence sources and assigned a trust score of 55/100, classifying it as moderate risk.
Trust Score: 55/100
Risk Level: Caution
This domain already shows strong risk signals. Stop interacting, preserve the page, chat, phone, and payment evidence, and move into response or reporting immediately.
Quick Answer
This domain already shows strong risk signals. Stop interacting, preserve the page, chat, phone, and payment evidence, and move into response or reporting immediately.
Positive Signals
- + Google Safe Browsing: Safe
- + HTTPS encryption supported
Concerns
- - 3 security sources flagged as suspicious
Score Breakdown
Was this assessment accurate?
Mixed signals on gxzhrc.cn
We did not find direct threat-feed hits, but coverage is thin or other signals warrant care.
- Verify the company exists offlineSearch the registered company name + 'reviews' or 'scam'. Real businesses leave a long trail of independent mentions.
- Pay only via reversible methodsUse credit cards or PayPal Goods & Services. Avoid wire transfers, crypto, gift cards — those are non-reversible.
- Confirm the contact detailsLook up the phone number and email address separately. Free webmail addresses or VoIP numbers are a red flag.
Trust but verify — open this domain on unrelated security services and compare the verdict.
AI Risk Assessment
Moderate RiskWhat matters right now
With a high-risk result, the priority is not reading more pages. It is immediate containment, credential resets, evidence preservation, and the reporting path.
gxzhrc.cn presents mixed security signals requiring caution. 1 Safe Browsing reports the domain clean, and 3 25 of 28 threat feeds responded cleanly. However, 2 three threat feeds have flagged this domain: shodan_internetdb identified risky infrastructure, dns_security flagged DNS malware blocking, and hagezi_tif marked it suspicious. 4 The .cn TLD carries low inherent risk. No brand impersonation or community reports exist. [INFERENCE] The convergence of three independent threat feed flags—particularly dns_security's malware association and shodan_internetdb's infrastructure concern—suggests potential malicious hosting or DNS manipulation, despite Safe Browsing's clean status. This warrants investigation before interaction.
Recommendation
Do not visit or transact with gxzhrc.cn until the infrastructure and DNS concerns are resolved. 2 Verify the flagged threats through the source feeds (shodan_internetdb, dns_security, hagezi_tif) to understand the specific risk. If you must contact the operator, use external channels (not the domain itself) to verify legitimacy. If you received this domain in unsolicited communication, treat it as potentially malicious.
Sources
- Threat intelligence feeds (3 flagged)Threat intel
shodan_internetdb (RISKY_INFRASTRUCTURE); dns_security (DNS_BLOCKED_MALWARE); hagezi_tif (suspicious)
- 25/28 threat feeds responded cleanThreat intel
- TLD risk classification: .cn (low risk)Analysis
Based on APWG / Spamhaus / Interisle 2024 abuse rankings
Powered by ScamLens AI· Check sources to verify important claims
Threat-intelligence sources
Checked across 28 sources — 3 flagged this domain
Show source breakdown
Threat-intelligence sources
Checked across 28 sources — 3 flagged this domain
- safe_browsing clean
- urlhaus clean
- cloudflare_radar clean
- cert_transparency clean
- alienvault_otx clean
- phishstats clean
- virustotal clean
- ipqs clean
- abuseipdb clean
- securitytrails clean
- phishdestroy clean
- threatfox clean
- shodan_internetdb flagged
- phishtank clean
- urlscan clean
- rdap clean
- maltiverse clean
- dnsbl clean
- dns_security flagged
- wanted_domains clean
- darkweb clean
- hagezi_tif flagged
- openphish clean
- scam_blocklist clean
- maltrail clean
- crypto_scam_feed clean
- phishing_army clean
- red_flag_domains clean
ScamLens aggregates real-time signals from 90+ commercial and open-source threat-intelligence providers including Google Safe Browsing, VirusTotal, PhishTank, URLhaus, ThreatFox, Cloudflare Radar, OTX, IPQS, GoPlus, Honeypot.is, and more. A flagged signal is evidence; the absence of flags is not proof of safety. Use the signals below alongside community reports to decide.
Advanced Scan
Comprehensive data lookup across premium sources
- Website history verification
- Detailed WHOIS information
- Reverse WHOIS association
- Traffic rank analysis
- Company registration check
AI Deep Investigation
Cross-check the story, claims, and supporting evidence before you decide
- Everything in Advanced Scan
- AI website content analysis
- AI cross-reference verification
- Claim authenticity validation
- Detailed report with evidence
Comprehensive Investigation
Full-spectrum investigation with company deep search & social intelligence
- Everything in Deep Investigation
- AI company background search
- Social media intelligence
- Detailed suspicious point analysis
- Event timeline & entity connections
This analysis is for informational purposes only and does not constitute a legal determination.
Security Sources
Domain Information
- DNSSEC
- Disabled
SSL/TLS Certificate
No data available
Server Information
- IP Address
- 206.119.188.101
- Hosting Provider
- Cogent Communications
- ASN
- AS133199 SonderCloud Limited
- Server Location
- Los Angeles, United States
- Organization
- Solustack Limited
Related Intelligence
Technical Details (DNS / Headers / Subdomains)
DNS Records
Email Security
SPF Not Configured DMARC Not Configured| Type | Value |
|---|---|
| A | 206.119.188.101 |
| NS | ns1.julydns.com |
| NS | ns2.julydns.com |
HTTP Security Headers
0/6Channels / Subdomains
No data available
Community Reports
Log in to report and share your experience
Report & Take Down This Website
High-Risk Signals
The risk signals are strong enough. Move on evidence preservation, reporting, and victim response now
This result is no longer just a normal verification case. Moving the chat, phone, payment, and official-reporting path in parallel is usually more important than waiting for more data.
Recommended First
Move into the victim action plan
If you already paid, logged in, or installed tools, use the action plan first to prioritize containment and evidence work.
Move into the website-reporting flow
Move the site, payment evidence, chat trail, and contact points into the formal reporting path.
Add the chat, DM, and payment-pressure trail
Keep the Telegram, WhatsApp, social DM, and payment-pressure trail in the same timeline.
Check the callback number and SMS
If the actor also used calls, SMS, or one-time codes, verify that phone path next.
The results are based on multiple third-party data sources and AI models. False positives or negatives may occur. This report should not be used as the sole basis for any decision. Please verify with additional sources.
If a loss already happened, move into the response flow now
Delay is the main risk with high-risk domains. Prioritize freezes, credential resets, reporting, and evidence preservation now.
If no loss happened yet, continue with the website-reporting and official-agency paths next.
Related Security Guides
Learn more about how to protect yourself from this type of threat.
FAQ
Is gxzhrc.cn safe to visit?
gxzhrc.cn received a trust score of 55/100 from ScamLens. Some minor concerns were identified but no critical threats were found. Exercise normal caution.
Was gxzhrc.cn flagged by any threat databases?
gxzhrc.cn was flagged by 2 out of 30+ threat intelligence sources. Specifically flagged by: dns_security, hagezi_tif. The detected threat categories include: general threat.
How old is gxzhrc.cn?
Registration date information for gxzhrc.cn is not publicly available through WHOIS records, which can itself be a risk indicator.
Does gxzhrc.cn use HTTPS and have a valid SSL certificate?
ScamLens could not verify the SSL certificate details for gxzhrc.cn during this scan. Treat this as unavailable evidence, not as proof that the site is safe or unsafe.
What security headers does gxzhrc.cn implement?
gxzhrc.cn is missing important security headers: Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Strict-Transport-Security, Referrer-Policy, Permissions-Policy. Missing security headers can leave visitors vulnerable to cross-site scripting (XSS) and other web-based attacks.
What does the ScamLens community think about gxzhrc.cn?
No community votes or reports have been submitted for gxzhrc.cn yet. You can be the first to share your experience.
Where is gxzhrc.cn hosted?
gxzhrc.cn is hosted by Cogent Communications in Los Angeles, United States (ASN: ASAS133199 SonderCloud Limited).
What should I do about gxzhrc.cn?
Do not visit or transact with gxzhrc.cn until the infrastructure and DNS concerns are resolved. [2] Verify the flagged threats through the source feeds (shodan_internetdb, dns_security, hagezi_tif) to understand the specific risk. If you must contact the operator, use external channels (not the domain itself) to verify legitimacy. If you received this domain in unsolicited communication, treat it as potentially malicious.
Is this report useful?
Use this report to tell others to stop interacting now and move straight into containment, evidence preservation, and reporting.
Forward to your parents — they deserve to browse safely too.
About this analysis
This report is generated from real-time data across 90+ threat intelligence sources, combined with AI analysis and community feedback.
Learn about our scoring methodology | Last analyzed: May 11, 2026