Is bitfinex.com legit?
Bitfinex.com appears to be a mostly safe platform, benefiting from strong infrastructure and a long-standing domain. However, users should exercise caution due to concerns around excessive external scripts, a lack of complete legal pages, and the use of non-reversible payment methods.
Crypto average: 76/100 · based on 25 sites
Checked: April 18, 2026 at 7:57 AM UTC · Refresh
Is bitfinex.com a scam? Here's what we found.
While the SSL/TLS configuration is robust and Google Web Risk finds no threats, the high number of external scripts presents a notable vulnerability for potential supply chain attacks or data leakage. This is a significant concern for a platform handling financial transactions.
With a domain age of over 13 years, the site demonstrates a long-term presence, which generally builds trust. The registrar information is visible, consistent with a legitimate operation.
The site's moderate global traffic and clean DNS blacklists contribute positively to its reputation. While there's no Trustpilot, this isn't necessarily a red flag for all businesses.
The lack of readily available contact information on the homepage and minimal social media presence makes it less transparent than expected for a major financial platform. This can hinder user support and communication.
The absence of either a privacy policy or terms of service is a major legal and user trust issue, especially for a financial service. Furthermore, the reliance on non-reversible payment methods offers poor consumer protection.
The technical setup is solid. Good DNS resolution, email authentication, a proper sitemap, and strong security headers like HSTS and CSP indicate a well-managed backend designed for reliability and security.
Signals Detected
This site has moderate global traffic
No structured data markup found
Mentions non-reversible payment methods: bitcoin
Excessive number of external scripts — may indicate malicious injection
This business has no Trustpilot presence — not unusual for smaller or newer companies
Domain created 2012-10-11T08:41:11Z (13 years, 8 months ago)
Registered through Name106, Inc.
Expires in 1637 days
DNSSEC status from WHOIS
Valid certificate, expires in 58 days
Certificate issued by Google Trust Services
Connection uses TLS 1.3
robots.txt has 22 directives and references a sitemap
Site has custom branding and social media metadata
crt.sh returned status 429
Resolves to: 104.16.166.90, 104.16.167.90, 104.16.164.90, 104.16.168.90, 104.16.165.90
Mail servers: aspmx.l.google.com., alt1.aspmx.l.google.com., alt2.aspmx.l.google.com., aspmx2.googlemail.com., aspmx3.googlemail.com.
Domain has SPF email authentication configured
Domain has DMARC email authentication configured
DNS providers: rick.ns.cloudflare.com., vera.ns.cloudflare.com.
Site maintains a proper sitemap with 168 indexed pages
Site enforces HTTPS via HSTS
Site has Content Security Policy configured
X-Frame-Options: deny
Web server: cloudflare
No threats detected by Google Web Risk
Not found on any DNS blacklists
Website is live and responding
No obvious contact information found on homepage
Website is missing either privacy policy or terms of service
Website links to one social media platform
Could not query Wayback Machine
Fast page load
Embed This Badge
Stay Safe Online
Good habits to protect yourself, no matter the scan result.
Never reuse passwords across sites.
Add a second layer of security to your accounts.
Always verify unfamiliar stores before entering payment info.