# trrxorien.wixstudio.com — SUSPICIOUS

> TRRXorien.wixstudio.com is a live crypto drainer phishing domain with 0/95 VirusTotal detections. Avoid this credential theft portal immediately.

## Summary
PhishDestroy identifies trrxorien.wixstudio.com as an active cryptocurrency drainer phishing domain currently under investigation. This Wix-hosted site poses a high risk by impersonating legitimate services to steal wallet credentials and drain digital assets. Security telemetry has not yet flagged this domain on VirusTotal, which shows 0/95 detections as of the latest scan.  This domain resolves to IP 34.144.206.118 and operates under a valid Let’s Encrypt SSL certificate, increasing its deceptive credibility. While the WixStudio platform is legitimate, malicious actors frequently abuse its subdomains to host phishing content with minimal oversight. The domain lacks any known presence on major blocklists and its underlying infrastructure carries neutral trust scores due to recent deployment. Creation date and registrar details remain unverified in public WHOIS records, suggesting anonymity or recent registration intended to evade detection.  Immediate mitigation is required. Users should avoid interacting with trrxorien.wixstudio.com and flag it in security tools. Organizations are advised to block IP 34.144.206.118 and monitor for outbound connections. If credentials were entered, rotate passwords and revoke session tokens immediately. Report this domain to threat intelligence platforms and browser vendors to accelerate takedown and prevent broader compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 34.144.206.118

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9e7c8971-14ad-4f4b-8b59-688ee619c269
- PhishDestroy: https://phishdestroy.io/domain/trrxorien.wixstudio.com/
- LLM endpoint: https://phishdestroy.io/domain/trrxorien.wixstudio.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trrxorien.wixstudio.com/
Last updated: 2026-03-22