# renvexbit.com — MALICIOUS

> renvexbit.com is an active phishing domain posing high risk. Stay vigilant and block access immediately to protect your data and systems.

## Summary
PhishDestroy identifies renvexbit.com as a high-risk generic phishing domain. Registered on February 21, 2026, this domain is designed to deceive users and harvest sensitive information through fraudulent schemes.

Technical analysis reveals that renvexbit.com is flagged by 16 out of 95 security vendors on VirusTotal and appears on one security blocklist, confirming its malicious intent. Its infrastructure supports ongoing phishing campaigns, targeting unsuspecting victims with convincing but fake interfaces.

Currently, renvexbit.com remains active and poses a significant threat to users and organizations. Immediate blocking and monitoring are recommended to mitigate potential data breaches and financial losses associated with this domain.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ethereum
- Page title: Buy & Sell Bitcoin, Ethereum | Cryptocurrency Exchange | RENVEXBIT

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NameCheap, Inc.
- Country: US
- IP: 104.21.40.182
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["benedict.ns.cloudflare.com", "elma.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bc0db-e76f-771b-87f3-edd4a3b44959.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/ebf7dac4-45ca-4431-afa7-421333d1c19d
- PhishDestroy: https://phishdestroy.io/domain/renvexbit.com/
- LLM endpoint: https://phishdestroy.io/domain/renvexbit.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/renvexbit.com/
Last updated: 2026-03-19