# bullishdegen.world — SUSPICIOUS

> bullishdegen.world is a live crypto drainer phishing site with 0/95 VirusTotal detections. SSL-backed domain registered March 21, 2026 via OwnRegistrar.

## Summary
PhishDestroy identifies bullishdegen.world as an active crypto drainer phishing domain designed to trick users into connecting wallets and signing malicious transactions. The site mimics legitimate crypto platforms to siphon digital assets under the guise of token offers or airdrops. Domain resolution points to 104.21.44.153 and is secured by a Let's Encrypt SSL certificate to appear legitimate. Threat actors registered the domain on March 21, 2026 through OwnRegistrar, Inc., a registrar known for low oversight and rapid turnaround on malicious registrations.  This domain currently shows zero detections on VirusTotal (0/95 engines) and has not yet been flagged by major blocklists, indicating it remains under the radar while actively harvesting victims. Technical analysis reveals the infrastructure is hosted on a shared IP (104.21.44.153) with multiple high-risk domains, suggesting a coordinated campaign targeting crypto enthusiasts. The combination of a newly registered domain, low detection rate, and SSL certificate creates a deceptive but effective lure for users seeking early access to speculative tokens.  Users who visited bullishdegen.world should immediately revoke any wallet connections made on the site and transfer remaining assets to a clean wallet. Scan devices for malware using reputable tools like Malwarebytes or Windows Defender Offline. Report the domain to your browser’s safe-browsing program and block 104.21.44.153 at the firewall level. Exercise extreme caution with unsolicited links in crypto-related communities, especially those promising high-yield opportunities or exclusive early access.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-21 08:02:02
- Registrar: OwnRegistrar, Inc.
- IP: 104.21.44.153

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6941b780-4522-4d55-9f9c-1c48fb550728
- PhishDestroy: https://phishdestroy.io/domain/bullishdegen.world/
- LLM endpoint: https://phishdestroy.io/domain/bullishdegen.world/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bullishdegen.world/
Last updated: 2026-03-21