# app.hypertiquid.xyz — SUSPICIOUS > PhishDestroy identifies app.hypertiquid.xyz as a crypto drainer ATM with 0/95 VirusTotal detections. Immediate verification required to prevent fund loss. ## Summary PhishDestroy has flagged domain app.hypertiquid.xyz as a generic phishing host currently under investigation for suspected crypto draining activity. The domain is active and remains unblocked across public threat feeds. No specific brand impersonation has been confirmed at this stage, though behavioral analysis suggests cryptocurrency-related lures are being employed to trick users into connecting malicious wallets. This domain resolves to IP 188.114.96.3 and was registered on April 04, 2026 through PDR Ltd. d/b/a PublicDomainRegistry.com. PhishDestroy confirms the domain holds a valid Let's Encrypt SSL certificate and has been scanned by 95 VirusTotal vendors with 0 detections as of seed 28aabe. The domain remains unlisted on major blocklists including Google Safe Browsing, OpenPhish, and PhishTank. Security vendors including SentinelOne, Palo Alto Networks, and Netcraft have not yet flagged the sample, indicating a low-profile but potentially high-risk deployment. As this domain is actively resolving and classified as a generic phishing host under investigation for crypto drainer activity, PhishDestroy recommends immediate blocking at DNS and network levels. Users are advised to avoid interacting with app.hypertiquid.xyz or any subpages and to scan wallets previously connected to this domain using tools like WalletConnect or Etherscan’s phishing tags. Security teams should add 188.114.96.3 and the domain to internal blocklists and SIEM rules. Monitor for new detections as this sample matures in the threat landscape. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-04 02:10:41 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/app.hypertiquid.xyz - PhishDestroy: https://phishdestroy.io/domain/app.hypertiquid.xyz/ - LLM endpoint: https://phishdestroy.io/domain/app.hypertiquid.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/app.hypertiquid.xyz/ Last updated: 2026-04-05