# PhishDestroy threat dossier — topprudence.com ================================================================ Fetched: 2026-07-01 07:11:48 UTC Canonical: https://phishdestroy.io/domain/topprudence.com/ ## VERDICT ---------------------------------------------------------------- CRITICAL THREAT — DO NOT VISIT Composite threat score: 93/100 (PhishDestroy scoring — see methodology below) ## DETECTION EVIDENCE ---------------------------------------------------------------- VirusTotal: 5/91 security vendors flagged this domain Flagging vendors: alphaMountain.ai, CRDF, Fortinet, Netcraft, SOCRadar URLQuery: 2 detections Public blocklists: listed on 1 independent blocklist ## INFRASTRUCTURE ---------------------------------------------------------------- IP address: 163.61.188.7 (US, Staten Island) ASN: AS153568 NEW DHAKA HARDWARE Hosting org: MIT Registrar: TuringSign Inc. d/b/a Cosmotown Nameservers: dns1.lytehosting.com, dns2.lytehosting.com, dns3.lytehosting.com, dns4.lytehosting.com, ns1.cprapid.com, ns2.cprapid.com Registered: 2024-10-17 Expires: 2026-10-17 Page title: Top Prudence| your financial partner. HTTP response: 200 ## TLS CERTIFICATE ---------------------------------------------------------------- Issuer: Let's Encrypt / YR1 Expires: 2026-09-20 Status: INVALID chain Fingerprint: 62294a53036f027ad8fdaad9341bd6c9c3323b61950d4b8bde15170d3c7b26a0 ## ABUSE-REPORT HISTORY (evidence of registrar non-response) ---------------------------------------------------------------- Status: pending notification queue. No abuse reports filed yet — this domain is waiting for the next cycle of our automated abuse-reporter. ## TIMELINE ---------------------------------------------------------------- Domain registered: 2024-10-17 (per WHOIS / CT — may reflect a renewal or transfer date, not first-ever registration) First detected: 2026-07-01 03:54:49 UTC (by PhishDestroy tracker) First reported: 2026-07-01 02:31:14 UTC (abuse notice filed) Last verified: 2026-07-01 08:30:16 UTC Current status: ACTIVE / observable ## EXTERNAL CORROBORATION (third-party evidence) ---------------------------------------------------------------- URLScan.io: https://urlscan.io/result/019f1b61-ad97-72fd-94b2-7d4699e19fc9/ URLQuery: https://urlquery.net/report/3fb31ae9-a30b-4673-a29d-241d9395888c Wayback Machine: https://web.archive.org/web/*/topprudence.com crt.sh CT logs: https://crt.sh/?q=%25.topprudence.com Google transparency: https://transparencyreport.google.com/safe-browsing/search?url=topprudence.com AlienVault OTX: https://otx.alienvault.com/indicator/domain/topprudence.com URLhaus: https://urlhaus.abuse.ch/host/topprudence.com/ ## ANALYST NARRATIVE ---------------------------------------------------------------- [Generated: 2026-07-01 04:56:41 UTC — narrative may predate facts above. Treat fields in TIMELINE / DETECTION EVIDENCE / INFRASTRUCTURE as authoritative if they differ from the prose below.] The domain topprudence.com has been identified as a generic phishing threat, impersonating a financial partner. There is no known legitimate brand associated with this domain, indicating it may aim to deceive users into providing sensitive information. Technical indicators associated with topprudence.com include a VirusTotal score of 5/95, suggesting limited detection among security vendors. The domain was created on October 17, 2024, and is registered through TuringSign Inc. d/b/a Cosmotown. It resolves to the IP address 163.61.188.7 and appears on 1 security blocklist, enhancing the rationale for its classification as a threat. Additionally, it has been blocked by PhishDestroy, which indicates proactive measures against its fraudulent activities. Currently, topprudence.com remains active and is a significant risk for phishing attempts. Response actions should include immediate blocking of the domain at network filters and advising users to refrain from engaging with the website. Continuous monitoring for any shifts in hosting or registration details is recommended due to the potential for adaption by threat actors. ## EVIDENCE HASHES ---------------------------------------------------------------- PhishDestroy Case ID: PD-20260701-C456CC Favicon MD5: b7a26682fb33f470403eac46454f9209 TLS cert SHA-256: 62294a53036f027ad8fdaad9341bd6c9c3323b61950d4b8bde15170d3c7b26a0 ## SCORING METHODOLOGY ---------------------------------------------------------------- Composite score is NOT derived from VirusTotal alone. PhishDestroy aggregates: - VirusTotal positive ratio - Public blocklist consensus (MetaMask, ScamSniffer, OpenPhish, PhishTank, URLhaus, CryptoFirewall, SEAL, Polkadot, Enkrypt, Phishunt, DiscordPhishing, PhishingDB) - Cloaking detection (HTTP 666 or rendering delta between bot and real visitor) - DNS-filter consensus (Quad9, CleanBrowsing, NextDNS, AdGuard, Cloudflare, etc.) - AlienVault OTX pulses + Cloudflare Radar + Google Safe Browsing - URLScan / URLQuery verdicts - Brand-impersonation heuristics (DOM analysis of forms, logos, wording) - Known phishing-kit fingerprinting (favicon hash, JS obfuscation signatures) - Wallet-drainer family classification (Angel, MS, Rainbow, Pink, Inferno, ...) - Free-TLS vs paid-cert ratio (throwaway infrastructure signal) - Registrar/hosting abuse history (this registrar's track record) - Human researcher sign-off (volunteer takedown team) A domain present in our database is ALREADY flagged. A low VT count by itself does NOT mean the domain is safe — new scam domains routinely show 0/95 VT for their first 7–30 days while actively draining wallets. Always cross-reference the composite score and the individual indicators above, not just VT. ## CORRECTIONS / APPEALS ---------------------------------------------------------------- Full HTML report: https://phishdestroy.io/domain/topprudence.com/ JSON API: https://api.destroy.tools/v1/check?domain=topprudence.com Appeal a flag: https://phishdestroy.io/appeals/ (responded to within 48 hours, FP rate <0.01%) Submit a report: https://t.me/PhishDestroy_bot About PhishDestroy: volunteer-driven open-source threat-intelligence platform. Tracked: 173,390 domains (13,228 alive under monitoring, 159,488 confirmed takedowns/dead). Site: https://phishdestroy.io