MalwareTips
Security Review

Is ztf.yfz.mybluehost.me legit or a scam?

Our verdict:Dangerous· 25/100

Phishing clone impersonating K-TEK DIECAST collectibles, hosted on notorious free-subdomain phishing platform mybluehost.me.

Top reasons
Exact clone of legitimate K-TEK DIECAST brand (ktekdiecast.com) with no verifiable connection to the real company.Hosted on mybluehost.me, a free subdomain service with documented phishing abuse history and 1.5/5 Trustpilot score.Parent domain has 4 confirmed phishing complaints targeting Spotify, banking, and OTT services.
ztf.yfz.mybluehost.meScanned 14h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 75·MT 15
Category tags
phishingclone-sitefraud#Phishing#Clone Site#Fake Shop95% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
Registration date unknown
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Fake shop — do not order

Phishing clone impersonating K-TEK DIECAST collectibles, hosted on notorious free-subdomain phishing platform mybluehost.me. The site shows patterns common to non-delivery scam shops. Don't submit payment details, and if you already paid by card or PayPal, start a chargeback today.

Website Preview

Screenshot of ztf.yfz.mybluehost.me
LIVE RENDER
ztf.yfz.mybluehost.me
1Page displays branded banner graphics for 'K-TEK' diecast collectibles and 'Kustomcity' product lines with consistent visual identity.

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

15
/ 100
Low visual risk

Visual red flags detected in the screenshot

Page appears to be a legitimate hobby/collectibles promotional site for diecast toy products under the K-TEK and Kustomcity brands, with no scam indicators visible in the rendered content.

Visual risk15/100

What our vision model saw

6 signals

Page displays branded banner graphics for 'K-TEK' diecast collectibles and 'Kustomcity' product lines with consistent visual identity.

A visible hyperlink text reads 'DaveChangDesign.com', consistent with a designer/brand attribution link.

Bottom section shows a 'Kustomcity Official Releases' banner with a product navigation link, indicating a functional product catalog page.

No urgency timers, countdown banners, or pressure-sale tactics visible.

No forms, credential-harvesting fields, or payment prompts present in the visible content.

Overall layout is image-heavy and simple, consistent with an early-2000s style hobby/collectibles promotional page.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust15/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The page copies the exact title and branding of the legitimate K-TEK DIECAST business (ktekdiecast.com), a California-based custom diecast maker, but runs on a free mybluehost.me subdomain with no connection to the real company. The parent domain mybluehost.me has a documented history of phishing abuse, with multiple confirmed campaigns targeting Spotify, banking, and OTT services since 2024, and carries a 1.5/5 Trustpilot score from 17 reviews citing fraud and phishing. Our network fingerprint confirms this subdomain is a clone of the legitimate site. No business registration, contact details, or verifiable company information exists for this subdomain. The combination of brand impersonation, hosting on a known phishing platform, and absence of legitimate business signals indicates this is a credential-harvesting or payment-fraud operation.
Full dossier
Analysis complete

Page Content

The page displays the exact title 'K-TEK DIECAST - THE HIGH-END OF DIECAST COLLECTIBLES' and branding graphics matching the legitimate K-TEK DIECAST site. However, it contains no functional product catalog, shopping cart, or checkout flow — only static promotional banners and a link to 'DaveChangDesign.com'. No contact email, phone, postal address, or business registration details are present anywhere on the page.

Infrastructure

Hosted on IP 162.241.216.56 (Bluehost/Newfold infrastructure) with valid Let's Encrypt SSL. The subdomain ztf.yfz.mybluehost.me uses a randomised naming pattern typical of ephemeral phishing subdomains. The parent domain mybluehost.me is a free subdomain service that has been heavily exploited for phishing since at least 2024.

Domain History

No WHOIS data available for the subdomain. The parent mybluehost.me was registered in 2016 but subdomains are created on-demand and frequently rotated. Our network analysis confirms this subdomain is a clone of ktekdiecast.com, the legitimate K-TEK DIECAST business operated by designer Dave Chang in California.

Web Reputation

The parent domain mybluehost.me has 4 documented phishing complaints in our evidence package, including confirmed campaigns targeting Spotify account credentials and banking/OTT services. an independent review aggregator rates mybluehost.me at 1.5/5 from 17 reviews, with users reporting phishing, fraud, and credential theft. No positive reviews or legitimate business mentions exist for this subdomain. Our antivirus network and browser blocklists show no detections, but this reflects the newness of the subdomain — phishing clones are typically flagged only after abuse reports accumulate.

Risk Factors
7
  • Exact clone of legitimate K-TEK DIECAST brand (ktekdiecast.com) with no verifiable connection to the real company.
  • Hosted on mybluehost.me, a free subdomain service with documented phishing abuse history and 1.5/5 Trustpilot score.
  • Parent domain has 4 confirmed phishing complaints targeting Spotify, banking, and OTT services.
  • No business registration, contact information, or verifiable company details found.
  • Randomised subdomain naming pattern (ztf.yfz) typical of ephemeral phishing infrastructure.
  • No functional e-commerce or product-purchase flow; page is static promotional content only.
  • Similar subdomains on mybluehost.me appear to host dropshipping or fraudulent e-commerce listings.
Positive Signals
3
  • Valid SSL certificate issued by Let's Encrypt.
  • Hosting IP has zero abuse reports and clean reputation score.
  • No malware or credential-harvesting code detected by our antivirus network.
AI Recommendation
Do not visit this site or enter any personal, payment, or account credentials. If you received a link to this site in an email, report it as phishing to your email provider. The legitimate K-TEK DIECAST collectibles business operates at ktekdiecast.com only.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for ztf.yfz.mybluehost.me, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Clones ktekdiecast.com
The page impersonates a well-known brand's site.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
4 scam reports
Key findings
7 headline facts from open-web research
  • ztf.yfz.mybluehost.me is a subdomain on mybluehost.me, a free subdomain service under Bluehost/Newfold that has been heavily abused for phishing campaigns since at least 2024.
  • mybluehost.me has multiple documented phishing reports (Spotify, OTT services, general fraud emails) and low Trustpilot score of 1.5/5 from 17 reviews.
  • Page title exactly matches legitimate K-TEK DIECAST (ktekdiecast.com), a known California-based premium/custom diecast collectibles maker by designer Dave Chang; no connection found between the subdomain and the real company.
  • No reviews, mentions, or search results specifically for ztf.yfz.mybluehost.me; other similar subdomains (e.g. hji.vcj.mybluehost.me, rnw.uic.mybluehost.me) appear to host e-commerce/diecast listings, suggesting possible dropshipping or sca
  • mybluehost.me itself registered in 2016 but subdomains are ephemeral and frequently flagged in abuse databases and security reports.
  • PCrisk scan of mybluehost.me gave moderate risk (65/100) with one engine flag; recent registration patterns and lack of transparency common on such subdomains.
  • No legitimate business registration, contact info, or verifiable company details located for this specific domain.
Scam reports (4)
Direct quotes from public scam databases, forums, and news.
  • Trustpilotopen

    "mybluehost.me. 1.7. Bad. TrustScore 1.5 out of 5. 17 reviews."

  • Spam.orgopen

    "Report Reason: Phishing Email. Offending Domain: mybluehost.me"

  • Spotify Communityopen

    "The website it's linking to is: https://neh.ekr.mybluehost.me/support/spot/MitID/account.php"

  • AhnLab ASECopen

    "Phishing campaign ... URL https://ixz.rlj.mybluehost.me/ol282f645de/auth/processing"

Impersonation / typosquat
Clone of ktekdiecast.com

Subdomain uses exact page title and branding of established K-TEK DIECAST (ktekdiecast.com) while hosted on free-style mybluehost.me subdomain commonly abused for phishing.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Our research found 4 documented phishing complaints against the parent domain mybluehost.me. an independent review aggregator reports a 1.5/5 score from 17 reviews, with users reporting phishing emails, credential theft, and fraud. Confirmed phishing campaigns using mybluehost.me subdomains have targeted Spotify account credentials and banking/OTT services. The legitimate K-TEK DIECAST business operates at ktekdiecast.com (California-based custom diecast models by Dave Chang) with no connection to this subdomain. No business registration, company details, or verifiable information exists for ztf.yfz.mybluehost.me.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

Moderate correlation

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (1)
  • Evidence confirms this site is a clone of ktekdiecast.com.
Linked signals (1)
Clone of ktekdiecast.com

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious57Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · YR2
ExpiresSep 8, 2026 (87d)
Self-signedNo
Hosting & Technology
HostingUnified Layer
Server locationUS
Web servernginx/1.27.2

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://ztf.yfz.mybluehost.me/
  • 2200https://ztf.yfz.mybluehost.me/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPUnified Layer
Usage typeContent Delivery Network

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

2 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Fake Shop
Fake Shop
Moderate likelihood
33/100
  • AI analyst tagged this as a fake shop.
  • No phone number or postal address anywhere on the page.
  • Multiple contact / trust-signal red flags on the page.
Brand Impersonation
Moderate likelihood
30/100
  • AI analyst tagged this as a brand / clone-site impersonation.
  • Clustered with known brand-impersonation infrastructure.

Fake shop — do not order

Signals common to non-delivery scam shops were detected on this site.

  • Do not interact with ztf.yfz.mybluehost.me

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you already paid by card or PayPal — start a chargeback

    Contact your bank or card issuer and dispute the charge as "goods not received" or "merchant fraud." PayPal users can open a case in the Resolution Centre. Act within 120 days for card chargebacks in most jurisdictions.

  • Save every piece of evidence

    Screenshots of the checkout, order confirmation emails, any chat transcripts, and the product listing page. Chargeback and fraud reports go faster when you have receipts.

  • Report the shop

    Report to the FTC (reportfraud.ftc.gov), Action Fraud UK, or your local consumer-protection body. Post the URL on the MalwareTips scam forum so other buyers can find it.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

ktekdiecast.comdavechangdesign.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags ztf.yfz.mybluehost.me as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — ztf.yfz.mybluehost.me scored 25/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. ztf.yfz.mybluehost.me presents a valid TLSv1.3 certificate issued by Let's Encrypt · YR2, expiring in 87 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • No. All 92 antivirus engines in our malware network report ztf.yfz.mybluehost.me as clean.
  • No. ztf.yfz.mybluehost.me is not currently listed on the major browser blocklist feeds that modern browsers use.
  • ztf.yfz.mybluehost.me resolves to an IP operated by Unified Layer in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 13, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around ztf.yfz.mybluehost.me have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·ztf.yfz.mybluehost.me
DANGEROUS

This is a phishing clone of the legitimate K-TEK DIECAST collectibles site, hosted on a free subdomain service (mybluehost.me) that has been repeatedly abused for credential-theft campaigns. Do not enter any personal or payment information.

Do not visit this site or enter any personal, payment, or account credentials. If you received a link to this site in an email, report it as phishing to your email provider. The legitimate K-TEK DIECAST collectibles business operates at ktekdiecast.com only.

AV engines
92
MT passes
2
Net signals
1
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust27
switch-roms.com
35m ago
Read the review
Dangeroustrust44
fifaworldcup.cfd
2h ago
Read the review
Dangeroustrust1
drivecursos.org
3h ago
Read the review
Dangeroustrust1
mangafire.com
3h ago
Read the review
Dangeroustrust44
flixmomo.app
4h ago
Read the review
Dangeroustrust26
moviestv4k.com
4h ago
Read the review
Dangeroustrust0
animeverse.to
4h ago
Read the review
Dangeroustrust0
sahmri-in-memoriam.raiselysite.com
4h ago
Read the review
Dangeroustrust0
up-4ever.net
7h ago
Read the review
Dangeroustrust1
naughtycharm.com
7h ago
Read the review
Dangeroustrust10
s13.up4ever.download
7h ago
Read the review
Dangeroustrust1
66xingji.com
7h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.