# luxwex.com — MALICIOUS

> Beware of phishing attempts from luxwex.com. Avoid sharing personal info and report suspicious activity immediately.

## Summary
PhishDestroy identifies luxwex.com as an active phishing domain posing a medium risk to users. This domain is involved in generic phishing campaigns aimed at deceiving victims into revealing sensitive information. The phishing activity linked to luxwex.com is designed to exploit unsuspecting users through fraudulent communication or fake websites.

The domain luxwex.com was registered recently on October 8, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to the IP address 172.67.186.238, which is associated with hosting infrastructure commonly used by threat actors for malicious purposes. VirusTotal analysis shows that 9 out of 95 security vendors currently detect this domain as malicious, indicating a growing consensus about its threat nature. The registrar and hosting details suggest a preference for anonymity and potentially transient use, typical of phishing operations.

Currently, luxwex.com remains active and continues to pose a threat to users. It is advised to avoid interacting with any communications or links originating from this domain. Organizations should update their security filters to block this domain and monitor for related phishing attempts. Users are encouraged to report suspicious emails or websites to their security teams or appropriate authorities to help mitigate the spread of this phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: ZEXBETS | Play at the best online casino based on Blockchain

## Domain Intelligence
- Registered: 2026-03-05 13:07:01
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- Country: HK
- IP: 172.67.186.238
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: adelaide.ns.cloudflare.com cody.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbe12-2aa4-71d9-8114-faa91c56dba2.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/luxwex.com
- Wayback Machine: https://web.archive.org/web/https://luxwex.com
- PhishDestroy: https://phishdestroy.io/domain/luxwex.com/
- LLM endpoint: https://phishdestroy.io/domain/luxwex.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/luxwex.com/
Last updated: 2026-03-16