Threat Intelligence Dashboard

July 2025 Report

Detailed threat intelligence for 700 phishing domains. Registrar abuse, drainer kits, targeted brands, and AI-generated expert assessment.

146,053Total Detected
79,237Taken Down
57%Kill Rate
92.4%VT Coverage
38,873Abuse Reports
Overview May 261,969 Apr 2615,640 Mar 2618,821 Feb 2642,102 Jan 268,930 Dec 2511,773 Nov 2512,579 Oct 258,841 Sep 257,307 Aug 253,788 Jul 25700 Jun 254
July 2025 Intelligence Report 17400%
700
297
Taken Down
385
Still Live
42.4%
Kill Rate
5625h
Avg Response
4.3
Avg VT Score

In July 2025, PhishDestroy detected 700 phishing domains, marking a 17400.0% increase from the previous month, with a takedown rate of 85.1%. Notably, Angel Drainer kits were identified on 183 domains, posing significant risks of wallet drains and seed theft. The mean registrar response time was a concerning 4981.9 hours, highlighting gaps in takedown efficiency. Despite the high volume, our operational impact remains strong with a substantial number of domains taken offline, though registrar responsiveness needs improvement.

  • NameSilo, LLC and PDR Ltd. lead in registrar abuse with 75 and 71 domains respectively, indicating a need for targeted mitigation.
  • Crypto brands remain prime targets with Generic Crypto and SushiSwap being the most attacked, suggesting a persistent focus on digital asset theft.
  • The .com TLD is the most weaponized with 304 domains, followed by .xyz with 84, indicating a preference for these TLDs in phishing campaigns.
  • The dominance of Angel Drainer kits across 183 domains suggests a prevalent threat of wallet drains and seed theft.
  • The US hosts the majority of phishing infrastructure with 561 domains, indicating a concentration of malicious activities in this region.
  • The mean detection-to-takedown time remains high at 4981.9 hours, necessitating faster registrar responses to reduce active phishing threats.
Outlook
Given the surge in phishing domains and the focus on crypto brands, defenders should prioritize monitoring for Angel Drainer kits and .com TLDs. Registrars like NameSilo, LLC and PDR Ltd. require escalation to enhance response times. Expect continued targeting of crypto sectors, necessitating heightened vigilance and rapid takedown actions.
Full Data on GitHub Browse All Domains Live Threats

Top Registrars

RegistrarDomains
Web Commerce Communications Limited 85
NameSilo, LLC 78
PDR Ltd. d/b/a PublicDomainRegistry.com 75
NameCheap, Inc. 50
NiceNIC International Group Co., Limited 43
HOSTINGER operations, UAB 42
OwnRegistrar, Inc. 36
Dynadot LLC 31

Targeted Brands

BrandDomains
across 73
Ethereum 41
binance 25
SushiSwap 20
metamask 18
Coinbase 17
facebook 15
aave 14

Top TLDs

.com304 .xyz84 .org27 .net23 .live21 .pro20 .finance16 .site15

Hosting Countries

🇺🇸 US562 🇩🇪 DE18 🇳🇱 NL17 🇷🇺 RU11 🇭🇰 HK8 🇸🇬 SG6 🇬🇧 GB6 PL5

Active Drainer Kits

Angel Drainer183 Wallet Connect Abuse11 Inferno Drainer1 Solana Drainer1

July 2025 Domains (700)

Sorted by VirusTotal detections. Click any domain for full security report.

curve-en.finance
8 VTTaken Down
fintracee.com
8 VTTaken Down
hedera-rewards.com
8 VTLive
hypurrfiapp.com
8 VTLiveAngel Drainer
ixs-sushi.xyz
8 VTLive
neiro-sushi.pro
8 VTTaken Down
nelcas.com
8 VTLive
oweth.vip
8 VTTaken DownAngel Drainer
pad-chalngpt.com
8 VTLive
phemexglobalfx.com
8 VT
2x-reward.today
7 VTTaken Down
7415decarpiquet.com
7 VTTaken DownAngel Drainer
acewalletdrainer.com
7 VTLive
affixrevsexplore.run
7 VTLiveAngel Drainer
blackhols.xyz
7 VTLive
blockdawgclaim.live
7 VTTaken DownAngel Drainer
ceolix.com
7 VTLive
connect-abstractchain.xyz
7 VTLive
datadapp-manualsdex.xyz
7 VTLiveAngel Drainer
flipcas.com
7 VTLive
frax-en.xyz
7 VTTaken Down
interpulude.xyz
7 VTTaken DownAngel Drainer
jesusonsui.xyz
7 VTTaken DownAngel Drainer
jknioh.com
7 VTTaken Down
metaweb3app.info
7 VTTaken DownAngel Drainer
nexoramining.org
7 VTLive
nodego.asia
7 VTLiveAngel Drainer
os-admin.link
7 VTLive
oweth.top
7 VTTaken DownAngel Drainer
paal-sushi.xyz
7 VTLive
pinetmoney.com
7 VTLive
pump-presale.org
7 VTTaken Down
qfsworldgloballedger.org
7 VTLive
0xarb.xyz
6 VTLive
999claimbye.live
6 VTLive
access-auth.xyz
6 VTLiveAngel Drainer
authbtcbull.xyz
6 VTLiveAngel Drainer
block-fi-disbursement-processor.com
6 VTLiveAngel Drainer
blocktrader.biz
6 VTLive
bonsiconize-ven.info
6 VTLiveAngel Drainer
capitalcoincylce.com
6 VTLive
check-aml.net
6 VTTaken DownWallet Connect Abuse
coinrion.com
6 VTTaken Down
coqinu.quest
6 VTLiveAngel Drainer
cryptotaxup.com
6 VTLiveAngel Drainer
crystalbk.com
6 VTTaken Down
dapp-hyperswap.network
6 VTLive
dbybits.com
6 VTTaken Down
dcsolution.online
6 VTTaken DownAngel Drainer
fastnym.com
6 VTLiveAngel Drainer
faucet-zama.com
6 VTLiveAngel Drainer
flarenetwork-xrpconnect.com
6 VTLive
flrportalnet.live
6 VT
fragmetics.xyz
6 VTTaken DownAngel Drainer
hyperliquid-hub.cc
6 VTLive
land-app5.top
6 VTTaken Down
neo-ppeclaim.xyz
6 VTLive
p2pexchange-market.com
6 VTLive
pancakerswap.com
6 VTLiveAngel Drainer
pepeobtain.com
6 VTTaken DownWallet Connect Abuse
« Prev 1 2 3 4 5 6 ... Next »

Detection Trends

Monthly domain volume, kill rate, and live threats over time.

Monthly Detected Domains

Kill Rate %

Explore More

Related intelligence pages and data feeds.

Domain Hub

146,053+ domains with security reports

Live Threats

59,687 phishing sites still online

DestroyList on GitHub

Open-source daily phishing domain feeds

About PhishDestroy

Independent anti-phishing threat intelligence