# apps-coinsext.wixstudio.com — SUSPICIOUS > PhishDestroy identifies apps-coinsext.wixstudio.com as a crypto drainer impersonating CoinEx Exchange. This Wix-hosted site evades 95 VirusTotal vendors. ## Summary PhishDestroy has confirmed that apps-coinsext.wixstudio.com is actively operating as a crypto drainer scam site, specifically designed to impersonate the legitimate CoinEx Exchange platform. The domain is currently flagged as an active threat and remains under continuous monitoring due to its malicious intent to deceive users into connecting cryptocurrency wallets under false pretenses. This operation is part of a broader campaign targeting unsuspecting victims in the cryptocurrency space by leveraging the trusted branding of a well-known exchange to facilitate unauthorized fund transfers. This domain resolves to the IP address 34.144.206.118 and utilizes a valid SSL certificate issued by Let's Encrypt, which may contribute to a false sense of legitimacy. As of the latest assessment, the domain has evaded detection by 0 out of 95 VirusTotal vendors, indicating a low immediate detection rate despite its confirmed malicious nature. The use of a WixStudio subdomain suggests an attempt to exploit reputable hosting services to host phishing content, while the Let's Encrypt SSL certificate further obscures the site's malicious intent by providing the appearance of secure browsing. The domain's infrastructure and SSL configuration are notable for their attempt to mimic legitimate services, a common tactic among crypto drainers to gain user trust. Apps-coinsext.wixstudio.com remains an active threat, and users are strongly advised to avoid interacting with the site under any circumstances. To mitigate risk, verify the legitimacy of any cryptocurrency-related website by cross-referencing domains with PhishDestroy's continuously updated blocklist. Additionally, users should ensure they are visiting the official CoinEx Exchange website (coinex.com) and never enter wallet credentials or connect wallets to third-party sites unless absolutely certain of their authenticity. For organizations, consider blocking the IP address 34.144.206.118 at the network level to prevent accidental access to this malicious domain. Continuous monitoring and sharing of threat intelligence within the cybersecurity community are critical to reducing the effectiveness of such crypto drainer campaigns. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/apps-coinsext.wixstudio.com - PhishDestroy: https://phishdestroy.io/domain/apps-coinsext.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/apps-coinsext.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/apps-coinsext.wixstudio.com/ Last updated: 2026-04-05