# gettbit-us.wixstudio.com — SUSPICIOUS

> gettbit-us.wixstudio.com poses as a Bitcoin service to steal credentials. Resolves to 34.144.206.118. Avoid interaction; report if encountered.

## Summary
PhishDestroy identifies gettbit-us.wixstudio.com as an active credential-harvesting domain currently under investigation for generic phishing activities. This domain mimics legitimate cryptocurrency services to deceive users into surrendering sensitive login credentials or financial details. The infrastructure relies on a Let’s Encrypt SSL certificate and resolves to IP 34.144.206.118, hosted on Google Cloud. Despite zero detections on VirusTotal and no presence on major blocklists at this time, the domain’s suspicious naming pattern and rapid deployment warrant heightened scrutiny.  This domain was flagged with a risk level marked under investigation, and analysis reveals no current detections on VirusTotal (0/95), no confirmed blocklist entries, and no community trust warnings. The hosting infrastructure points to Google Cloud (ASN 15169), which is a reputable provider, but the domain itself lacks historical legitimacy—likely recently registered and rapidly configured for malicious purposes. Notably, the use of a free SSL certificate (Let’s Encrypt) does not indicate trustworthiness, as threat actors commonly abuse such services to appear legitimate during initial lure phases.  Users who encounter gettbit-us.wixstudio.com should refrain from entering any personal or financial information, as the domain is likely designed to harvest credentials or payment data. Organizations are advised to block traffic to IP 34.144.206.118 at the network perimeter and inspect DNS logs for resolutions to this domain. If users have already interacted with the site, they should immediately rotate passwords, enable multi-factor authentication on related accounts, and monitor for signs of fraudulent transactions or identity theft. Security teams should monitor for additional domains leveraging similar naming conventions or infrastructure patterns.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 34.144.206.118

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/gettbit-us.wixstudio.com
- PhishDestroy: https://phishdestroy.io/domain/gettbit-us.wixstudio.com/
- LLM endpoint: https://phishdestroy.io/domain/gettbit-us.wixstudio.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gettbit-us.wixstudio.com/
Last updated: 2026-04-08