# republic24.biz — SUSPICIOUS > PhishDestroy identifies republic24.biz as a generic phishing domain (0/95 VT detections) hosting credential theft content. ## Summary PhishDestroy identifies the domain republic24.biz as a live generic phishing infrastructure actively hosting credential theft content. The domain is currently under investigation (unique seed: 502fe7) and remains operational despite zero detections on VirusTotal. No specific brand impersonation has been confirmed at this stage, but the site is flagged for malicious activity consistent with credential harvesting campaigns. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating a low detection rate despite malicious hosting behavior. The domain is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP 172.67.187.186, and was created on April 04, 2025. It holds an SSL certificate issued by Google Trust Services, which may be leveraged to appear legitimate. The lack of blocklist entries and undetected status on VT suggests a recently deployed or stealthily operated campaign. The domain’s recent creation and low detection profile increase the risk of successful exploitation against unsuspecting users. The current status of republic24.biz remains active, with no signs of takedown or mitigation. Given the absence of brand-specific impersonation and the low detection rate, the threat may be in a testing or early deployment phase. Users and organizations are advised to block the domain and IP at the network perimeter immediately. Additionally, implement DNS filtering to prevent resolution, and conduct endpoint scans for signs of credential theft. Security teams should monitor for new domains registered by NICENIC INTERNATIONAL GROUP CO., LIMITED and correlate with known phishing IOCs. Exercise heightened caution when encountering recently registered domains with valid SSL certificates, as these are frequently abused in credential theft campaigns. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-04-04 08:57:32 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 172.67.187.186 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b014b515-edd8-43f5-a6cc-8d3fd4942374 - PhishDestroy: https://phishdestroy.io/domain/republic24.biz/ - LLM endpoint: https://phishdestroy.io/domain/republic24.biz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/republic24.biz/ Last updated: 2026-03-26