Threat Intelligence Dashboard

July 2025 Report

Detailed threat intelligence for 700 phishing domains. Registrar abuse, drainer kits, targeted brands, and AI-generated expert assessment.

107,732Total Detected
92,561Taken Down
86.3%Kill Rate
94.3%VT Coverage
25,332Abuse Reports
Overview Mar 269,496 Feb 2618,204 Jan 268,931 Dec 2511,773 Nov 2512,579 Oct 258,841 Sep 257,307 Aug 253,788 Jul 25700 Jun 254
July 2025 Intelligence Report 17400%
700
697
Taken Down
3
Still Live
99.6%
Kill Rate
5472h
Avg Response
4.3
Avg VT Score

In July 2025, PhishDestroy detected 700 phishing domains, marking a 17400.0% increase from the previous month, with a takedown rate of 85.1%. Notably, Angel Drainer kits were identified on 183 domains, posing significant risks of wallet drains and seed theft. The mean registrar response time was a concerning 4981.9 hours, highlighting gaps in takedown efficiency. Despite the high volume, our operational impact remains strong with a substantial number of domains taken offline, though registrar responsiveness needs improvement.

  • NameSilo, LLC and PDR Ltd. lead in registrar abuse with 75 and 71 domains respectively, indicating a need for targeted mitigation.
  • Crypto brands remain prime targets with Generic Crypto and SushiSwap being the most attacked, suggesting a persistent focus on digital asset theft.
  • The .com TLD is the most weaponized with 304 domains, followed by .xyz with 84, indicating a preference for these TLDs in phishing campaigns.
  • The dominance of Angel Drainer kits across 183 domains suggests a prevalent threat of wallet drains and seed theft.
  • The US hosts the majority of phishing infrastructure with 561 domains, indicating a concentration of malicious activities in this region.
  • The mean detection-to-takedown time remains high at 4981.9 hours, necessitating faster registrar responses to reduce active phishing threats.
Outlook
Given the surge in phishing domains and the focus on crypto brands, defenders should prioritize monitoring for Angel Drainer kits and .com TLDs. Registrars like NameSilo, LLC and PDR Ltd. require escalation to enhance response times. Expect continued targeting of crypto sectors, necessitating heightened vigilance and rapid takedown actions.
Full Data on GitHub Browse All Domains Live Threats

Top Registrars

RegistrarDomains
Web Commerce Communications Limited 85
NameSilo, LLC 77
PDR Ltd. d/b/a PublicDomainRegistry.com 72
NameCheap, Inc. 50
HOSTINGER operations, UAB 42
NiceNIC International Group Co., Limited 42
OwnRegistrar, Inc. 36
Dynadot LLC 31

Targeted Brands

BrandDomains
Ethereum 36
Solana 10
PancakeSwap 9
Bitget 9
Bybit 9
Pump.fun 8
Pendle 7
Coinbase 6

Top TLDs

.com304 .xyz84 .org27 .net23 .live21 .pro20 .finance16 .site15

Hosting Countries

🇺🇸 US558 🇩🇪 DE18 🇳🇱 NL17 🇷🇺 RU11 🇭🇰 HK8 🇬🇧 GB6 🇸🇬 SG6 PL5

Active Drainer Kits

Angel Drainer183 Wallet Connect Abuse11 Solana Drainer1 Inferno Drainer1

July 2025 Domains (700)

Sorted by VirusTotal detections. Click any domain for full security report.

connectwallapp.com
18 VTTaken Down
pubgzh-cn.top
18 VTTaken Down
ff-info-online.com
17 VTTaken Down
9823712-coinbase.com
16 VTTaken Down
flr-portal.org
16 VTTaken Down
https-dotus.com
16 VTTaken Down
nodeapp-serverlaunch.com
16 VTTaken DownWallet Connect Abuse
p2pwithpi.com
16 VTTaken Down
pancakeswapsfi.org
16 VTTaken DownSolana Drainer
coinbase003.xyz
15 VTTaken Down
foundation-ethereum.com
15 VTTaken Down
imtokenu.com
15 VTTaken Down
pagesvalidation.com
15 VTTaken Down
assetspacifics.ltd
14 VTTaken Down
cssats.com
14 VTTaken DownInferno Drainer
dappradarco.com
14 VTTaken Down
followxpert.com
14 VTTaken Down
inter-pinetprofile.com
14 VTTaken Down
nftminter.xyz
14 VTTaken Down
p2pmainnetapp.com
14 VTTaken Down
p2ppayment-livetrade.com
14 VTTaken Down
pi-marketpayment.com
14 VTTaken Down
pii-con.com
14 VTTaken Down
abhienergetic.com
13 VTTaken Down
boomcapital-investments.com
13 VTTaken Down
crest-cridetunion.com
13 VTTaken Down
cryptoaml.bot
13 VTTaken DownWallet Connect Abuse
decentrastake.com
13 VTTaken Down
guardawebwallet.com
13 VTTaken Down
okx-listings.com
13 VTTaken Down
opulenttrade-invests.com
13 VTTaken Down
p2p-relocke.com
13 VTTaken Down
quickdashxpress.com
13 VTTaken Down
bitgrex.com
12 VTTaken Down
bitpieon.com
12 VTTaken Down
bnceex.com
12 VTTaken Down
bridgedapp.nl
12 VTTaken DownAngel Drainer
cookie-sushi.xyz
12 VTTaken Down
crest-crditunion.com
12 VTTaken Down
dappsync.sharepool.in
12 VTTaken DownAngel Drainer
ff-exchange.art
12 VTTaken Down
6npool9s.top
11 VTTaken Down
active-exchange.pro
11 VTTaken Down
caw-sushi.pro
11 VTTaken Down
cb-loginportal.cloud
11 VTTaken DownAngel Drainer
claimseclipse.xyz
11 VTTaken DownAngel Drainer
communitycreatordev.com
11 VTTaken Down
core-infop2p.com
11 VTTaken Down
dapp.sharepool.in
11 VTTaken DownAngel Drainer
fenolex.com
11 VTTaken Down
fil-sushi.pro
11 VTTaken DownAngel Drainer
flarenetwork-xrp.finance
11 VTTaken Down
greenarklogistic.com
11 VTTaken Down
holddex.icu
11 VTTaken Down
hyperliquidtrade.link
11 VTTaken DownAngel Drainer
inj-sushi.pro
11 VTTaken DownAngel Drainer
intlcargo-express.com
11 VTTaken Down
issuesfixing.pro
11 VTTaken Down
neural-sushi.xyz
11 VTTaken DownAngel Drainer
p2p-activated.com
11 VTTaken Down
1 2 3 4 ... Next »

Detection Trends

Monthly domain volume, kill rate, and live threats over time.

Monthly Detected Domains

Kill Rate %

Explore More

Related intelligence pages and data feeds.

Domain Hub

107,732+ domains with security reports

Live Threats

14,744 phishing sites still online

DestroyList on GitHub

Open-source daily phishing domain feeds

About PhishDestroy

Independent anti-phishing threat intelligence