# auntlet.xyz — SUSPICIOUS

> auntlet.xyz is an active crypto drainer phishing domain with 0/95 VirusTotal detections. Verify safety status on PhishDestroy now.

## Summary
PhishDestroy identifies auntlet.xyz as an active phishing domain with a specific threat type classified as a crypto drainer. The risk level is currently under investigation, highlighting the potential for financial theft targeting cryptocurrency users. This domain poses a significant security risk due to its intent to deceive victims into surrendering sensitive crypto wallet information.

auntlet.xyz was created recently on November 18, 2025, and resolves to IP address 104.21.10.15. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. Despite being active, VirusTotal reports 0 out of 95 antivirus and security vendors detecting any malicious activity on this domain at this time, which suggests it may be newly deployed or using sophisticated evasion techniques. The domain holds an SSL certificate issued by Google Trust Services, which could lend false credibility to end users. There are currently no public blocklist flags or trust score alerts reported, but ongoing monitoring is recommended given the emerging risk.

To mitigate risks associated with crypto drainer phishing domains like auntlet.xyz, users should avoid interacting with unsolicited links or messages referencing this domain. Cryptocurrency holders are advised to verify wallet addresses carefully and use hardware wallets or multisignature setups to enhance security. Organizations should implement email filtering, domain blocking, and user awareness training focused on recognizing crypto-specific phishing attempts. Continuous threat intelligence updates from platforms like PhishDestroy are critical to stay ahead of evolving phishing tactics linked to this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-18 07:20:29
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.10.15

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/dc74cfd6-2aca-4c1b-ac73-41f15651cbef
- PhishDestroy: https://phishdestroy.io/domain/auntlet.xyz/
- LLM endpoint: https://phishdestroy.io/domain/auntlet.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/auntlet.xyz/
Last updated: 2026-03-27