# tiktokappfreecoins-hyq85iej8l.edgeone.app — SUSPICIOUS

> Analyzing tiktokappfreecoins-hyq85iej8l.edgeone.app, a TikTok brand impersonation crypto drainer using a crypto drainer kit. VirusTotal shows 0/95 detections.

## Summary
PhishDestroy identifies tiktokappfreecoins-hyq85iej8l.edgeone.app as an active crypto drainer impersonating TikTok to trick users into connecting cryptocurrency wallets under the guise of receiving free coins.

This domain leverages a brand impersonation scheme targeting TikTok users, distributing a crypto drainer kit that silently drains connected wallets once authorization is granted. The infrastructure resolves to IP 43.152.26.58 via EdgeOne CDN, and the domain is flagged by two blocklists—OpenPhish and OISD. Its SSL certificate is issued by DigiCert, Inc., suggesting an attempt to appear legitimate. Further investigation is required to determine domain age and exact creation date.

Currently active and under monitoring, this domain exhibits high-risk behavior typical of crypto drainer operations. Immediate actions include blacklisting at network and endpoint levels, revocation of SSL certificates where possible, and user education on crypto wallet security. The current risk level remains under investigation, but given the domain's presence on established blocklists and lack of VirusTotal detections, proactive blocking and incident response is strongly recommended. Remaining risk is moderate due to the domain's active state and potential for continued evolution in drainer tactics.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 43.152.26.58

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["OpenPhish", "OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/tiktokappfreecoins-hyq85iej8l.edgeone.app
- PhishDestroy: https://phishdestroy.io/domain/tiktokappfreecoins-hyq85iej8l.edgeone.app/
- LLM endpoint: https://phishdestroy.io/domain/tiktokappfreecoins-hyq85iej8l.edgeone.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tiktokappfreecoins-hyq85iej8l.edgeone.app/
Last updated: 2026-04-04