# redeembux.com — MALICIOUS

> redeembux.com shows medium phishing risk. Avoid sharing personal info and monitor this domain for potential scams.

## Summary
PhishDestroy identifies redeembux.com as a generic phishing threat with a medium risk level, actively engaged in deceptive practices. The domain was registered recently on February 19, 2026, through Sav.com, LLC, which is often associated with high-risk registrations. Its classification as generic phishing signals it may attempt to trick users into divulging sensitive information.

From a technical standpoint, redeembux.com resolves to the IP address 91.218.49.176, a detail that can help track malicious infrastructure. VirusTotal analysis indicates that 8 out of 95 security vendors have flagged this domain, reinforcing its suspicion within the cybersecurity community. This detection suggests the domain is involved in suspicious activities consistent with phishing campaigns.

Currently, redeembux.com remains active and under ongoing monitoring. Users are advised to exercise caution and avoid interacting with the domain or providing personal details. PhishDestroy recommends security teams consider blocking or closely scrutinizing traffic to this domain as part of broader phishing defense measures.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Redeem Robux

## Domain Intelligence
- Registered: 2026-03-06 01:07:01
- Registrar: Sav.com, LLC
- Country: US
- IP: 91.218.49.176
- IP Country: UA
- IP City: Kyiv
- IP Org: AS6698 Virtual Systems LLC
- Nameservers: ["jill.theonionhost.com", "ray.theonionhost.com"]
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CRDF", "Google Safebrowsing", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content

### Page Text
Redeem Robux 25,000 Robux Code: SECRET4 Only 6 codes remaining. Redeem This code is invalid. This website is not affiliated with or endorsed by Roblox Corporation and does not request Roblox passwords, login credentials, or any sensitive personal information. '));
    //-->

### External Scripts
- https://cdn.tailwindcss.com
- https://d26h1wdc757l2w.cloudfront.net/0e7e044.js
- https://d2dzcaq3bhqk1m.cloudfront.net/hfCk9bfRQHAvhvf.4369172.61b38.0.js

### Form Fields
- Roblox Username
- text
- Code
- code
- username

### External Links
- https://discord.gg
- https://twitter.com/roblox
- https://www.roblox.com/groups/16927870

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc062-6f69-769c-a00b-b57d42f53f44.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/e7ca1082-a44f-49a9-81a3-000340ce67c1
- Wayback Machine: https://web.archive.org/web/https://redeembux.com
- PhishDestroy: https://phishdestroy.io/domain/redeembux.com/
- LLM endpoint: https://phishdestroy.io/domain/redeembux.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/redeembux.com/
Last updated: 2026-03-16