# 4-25webullish.lat — SUSPICIOUS

> 4-25webullish.lat shows signs of phishing risk. Exercise caution when visiting this domain as it is under active investigation.

## Summary
PhishDestroy identifies 4-25webullish.lat as a domain flagged for generic phishing activity with a current risk level marked as under investigation. This classification indicates that suspicious behavior or evidence suggests potential malicious intent, but conclusive confirmation is pending further analysis.

The domain was registered recently on March 18, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com, a common registrar frequently used for both legitimate and malicious registrations. It resolves to the IP address 172.67.141.105, which is shared by multiple domains and may indicate use of a content delivery network or cloud service. Despite these concerns, VirusTotal scans report zero detections from 95 security vendors, meaning no direct malware or phishing payloads have been identified yet. However, the domain's young age combined with its registration details and the flagged generic phishing threat type warrant ongoing scrutiny.

Users and administrators should remain vigilant and avoid interacting with this domain until the investigation concludes. Employing web filtering, endpoint protection, and user awareness training are recommended to mitigate potential risk. PhishDestroy continues to monitor 4-25webullish.lat’s activity and will update its status as new intelligence becomes available.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-18 09:05:39
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 172.67.141.105
- Nameservers: june.ns.cloudflare.com nikon.ns.cloudflare.com

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://i.ibb.co/DDnCQDKY/4b367750bdb0.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/fae67112-2e94-44dc-846a-018074e24411
- PhishDestroy: https://phishdestroy.io/domain/4-25webullish.lat/
- LLM endpoint: https://phishdestroy.io/domain/4-25webullish.lat/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/4-25webullish.lat/
Last updated: 2026-03-19