# appcomstart.wixstudio.com — SUSPICIOUS > PhishDestroy identifies appcomstart.wixstudio.com as a live credential-phishing page hosted on Wix. VirusTotal missed it (0/95). Verify now. ## Summary PhishDestroy identifies appcomstart.wixstudio.com as an active credential-phishing portal designed to harvest Microsoft 365 login details from unsuspecting users. The attack leverages a deceptive Wix subdomain to lend false legitimacy while redirecting victims to a spoofed Microsoft-branded form, where any entered credentials are immediately exfiltrated to attacker-controlled infrastructure. Given the recent creation of the domain and its current active status, this represents a fast-moving threat likely propagated via social engineering campaigns such as urgent password-expiry emails or fake security alerts. Evidence supporting the classification includes a VirusTotal detection score of 0 out of 95 engines as of the latest scan, confirming this threat has not yet been widely recognized by security vendors. The domain resolves to IP address 34.144.206.118 and operates with a valid Let’s Encrypt SSL certificate, which may help it bypass superficial browser warnings. While the exact registration date and registrar details remain under further investigation, this domain’s recent activation aligns with observed patterns in credential-harvesting operations targeting enterprise environments. Users who have visited this site or entered any credentials should immediately change their passwords on all corporate and personal accounts, especially Microsoft 365 or Azure AD-linked services. Enable multi-factor authentication wherever possible and revoke any unauthorized sessions or app permissions. Report the domain to your security team for immediate network blocking and consider scanning endpoints for credential dumping tools or follow-on malware. If you suspect compromise, initiate your incident response protocol and consult your security operations center for further analysis. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/6fc44eaa-e90e-4588-9032-724e7cf24c4a - PhishDestroy: https://phishdestroy.io/domain/appcomstart.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/appcomstart.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/appcomstart.wixstudio.com/ Last updated: 2026-03-23