# redzx.com — SUSPICIOUS

> redzx.com is a newly registered domain (Dec 2025) pushing generic phishing content. It currently shows 0/95 VirusTotal detections.

## Summary

PhishDestroy identifies redzx.com as an active generic phishing domain under primary investigation for potential cryptocurrency drainer operations. The domain was registered on December 15, 2025, and is currently resolving to IP address 188.114.96.3. No specific brand mimicry or drainer kit attribution has been established at this stage, but behavioral patterns suggest early-stage phishing deployment aimed at credential harvesting or fraudulent transactions.

This domain was flagged with a VirusTotal community score of 0 detections out of 95 engines as of the latest scan. It was registered via NAMECHEAP INC and secured an SSL certificate from Google Trust Services, which may be used to enhance phishing credibility. The domain’s recent creation date and low detection rate indicate it is likely in an early, unblocked propagation phase. No confirmed presence on Google Safe Browsing (GSB) blocklists has been recorded to date, and no third-party blocklist inclusion metrics are available from public sources.

As of this report, redzx.com remains active with low visibility across threat intelligence platforms. Users are advised to avoid visiting or interacting with the domain. Security teams should monitor for associated IP/domain pairs and update network blocklists accordingly. While current risk is classified as under investigation, the combination of recent registration, zero detections, and active resolution suggests elevated potential for future malicious activity. Remaining risk is moderate pending further behavioral analysis and detection updates.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
## Domain Intelligence

- Registered: 2025-12-15 11:23:14
- Registrar: NAMECHEAP INC
- IP: 188.114.96.3

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/05e25865-a3f3-4f44-9ef7-31f9d756a3c2
- PhishDestroy: https://phishdestroy.io/domain/redzx.com/
- LLM endpoint: https://phishdestroy.io/domain/redzx.com/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/redzx.com/

Last updated: 2026-03-21