Threat Intelligence Dashboard

July 2025 Report

Detailed threat intelligence for 700 phishing domains. Registrar abuse, drainer kits, targeted brands, and AI-generated expert assessment.

146,062Total Detected
79,327Taken Down
57.1%Kill Rate
92.4%VT Coverage
38,873Abuse Reports
Overview May 261,978 Apr 2615,640 Mar 2618,821 Feb 2642,102 Jan 268,930 Dec 2511,773 Nov 2512,579 Oct 258,841 Sep 257,307 Aug 253,788 Jul 25700 Jun 254
July 2025 Intelligence Report 17400%
700
297
Taken Down
385
Still Live
42.4%
Kill Rate
5625h
Avg Response
4.3
Avg VT Score

In July 2025, PhishDestroy detected 700 phishing domains, marking a 17400.0% increase from the previous month, with a takedown rate of 85.1%. Notably, Angel Drainer kits were identified on 183 domains, posing significant risks of wallet drains and seed theft. The mean registrar response time was a concerning 4981.9 hours, highlighting gaps in takedown efficiency. Despite the high volume, our operational impact remains strong with a substantial number of domains taken offline, though registrar responsiveness needs improvement.

  • NameSilo, LLC and PDR Ltd. lead in registrar abuse with 75 and 71 domains respectively, indicating a need for targeted mitigation.
  • Crypto brands remain prime targets with Generic Crypto and SushiSwap being the most attacked, suggesting a persistent focus on digital asset theft.
  • The .com TLD is the most weaponized with 304 domains, followed by .xyz with 84, indicating a preference for these TLDs in phishing campaigns.
  • The dominance of Angel Drainer kits across 183 domains suggests a prevalent threat of wallet drains and seed theft.
  • The US hosts the majority of phishing infrastructure with 561 domains, indicating a concentration of malicious activities in this region.
  • The mean detection-to-takedown time remains high at 4981.9 hours, necessitating faster registrar responses to reduce active phishing threats.
Outlook
Given the surge in phishing domains and the focus on crypto brands, defenders should prioritize monitoring for Angel Drainer kits and .com TLDs. Registrars like NameSilo, LLC and PDR Ltd. require escalation to enhance response times. Expect continued targeting of crypto sectors, necessitating heightened vigilance and rapid takedown actions.
Full Data on GitHub Browse All Domains Live Threats

Top Registrars

RegistrarDomains
Web Commerce Communications Limited 85
NameSilo, LLC 78
PDR Ltd. d/b/a PublicDomainRegistry.com 75
NameCheap, Inc. 50
NiceNIC International Group Co., Limited 43
HOSTINGER operations, UAB 42
OwnRegistrar, Inc. 36
Dynadot LLC 31

Targeted Brands

BrandDomains
across 73
Ethereum 41
binance 25
SushiSwap 20
metamask 18
Coinbase 17
facebook 15
aave 14

Top TLDs

.com304 .xyz84 .org27 .net23 .live21 .pro20 .finance16 .site15

Hosting Countries

🇺🇸 US562 🇩🇪 DE18 🇳🇱 NL17 🇷🇺 RU11 🇭🇰 HK8 🇸🇬 SG6 🇬🇧 GB6 PL5

Active Drainer Kits

Angel Drainer183 Wallet Connect Abuse11 Inferno Drainer1 Solana Drainer1

July 2025 Domains (700)

Sorted by VirusTotal detections. Click any domain for full security report.

airdrop-x.xyz
2 VTTaken Down
airswapreward.live
2 VTTaken Down
aixvc-register.info
2 VTLiveAngel Drainer
asssister.xyz
2 VTTaken Down
asymmetrypool.live
2 VTLiveAngel Drainer
atlanticargoexpress.com
2 VTLive
avm-register.xyz
2 VTLiveAngel Drainer
axie-infinits.com
2 VTLive
bitcryptax.pro
2 VTLive
bitex-crypto.com
2 VTLive
bitget-index.net
2 VTTaken Down
bitpieow.com
2 VTLive
bitpierc.com
2 VTLive
bitpiern.com
2 VTLive
bitpieua.com
2 VTLive
bitpieur.com
2 VTLive
bitzpie.com
2 VTTaken Down
blackmorkie.xyz
2 VTTaken Down
blaxbrookven.xyz
2 VTLive
blockdawgclaim.network
2 VTTaken DownAngel Drainer
bloxapoxan.xyz
2 VTLive
bonzzy.com
2 VTTaken Down
bridgeice.lol
2 VTTaken DownAngel Drainer
buildonhyb.live
2 VTTaken DownAngel Drainer
bullbrute.com
2 VTTaken Down
bulldogito.world
2 VTLiveAngel Drainer
buy-flash-usdt.com
2 VTLive
buy-psyop.org
2 VTTaken Down
bvitpie.com
2 VTTaken Down
bybitx.global
2 VTTaken Down
byk58.com
2 VTLive
bzstverify.cloud
2 VTTaken Down
calderacapital.xyz
2 VTTaken Down
calderacapitalgroup.xyz
2 VTTaken Down
calderagroup.xyz
2 VTTaken Down
centricsolmigration.com
2 VTLiveAngel Drainer
cessnetwork.xyz
2 VTTaken DownAngel Drainer
chainresolveprotocol.site
2 VTLiveAngel Drainer
checker-uxlink.app
2 VTLiveAngel Drainer
claims-eclipse.run
2 VTTaken DownAngel Drainer
cmctask.live
2 VTLive
coin-verge.com
2 VTLive
coinbixe.com
2 VTLive
coins.datahaven.rest
2 VTTaken Down
cointo.cloud
2 VTLiveAngel Drainer
collab-nodes.com
2 VTLive
connect-plasma.to
2 VTLive
copytradingfun.com
2 VTLiveAngel Drainer
cosmice.cc
2 VTTaken Down
cosmicvpn.net
2 VTTaken Down
craxproshop.com
2 VTTaken Down
cryptobitx.net
2 VTTaken Down
cryptoconnect.tech
2 VTTaken Down
csmonly.com
2 VTLive
csony.com
2 VTTaken Down
dapp-rectifier.site
2 VTLiveAngel Drainer
dappsevmportal.site
2 VTLive
dappvalidation.com
2 VTLiveAngel Drainer
dashboard-nexchain.net
2 VTLiveAngel Drainer
dazdex.com
2 VTLive
« Prev ... 4 5 6 7 8 9 10 ... Next »

Detection Trends

Monthly domain volume, kill rate, and live threats over time.

Monthly Detected Domains

Kill Rate %

Explore More

Related intelligence pages and data feeds.

Domain Hub

146,062+ domains with security reports

Live Threats

59,497 phishing sites still online

DestroyList on GitHub

Open-source daily phishing domain feeds

About PhishDestroy

Independent anti-phishing threat intelligence