# dep27k.net — SUSPICIOUS

> Investigate dep27k.net, a low-risk phishing domain now offline. Learn about its infrastructure and why it was flagged by security sources.

## Summary
PhishDestroy classifies dep27k.net as a low-risk generic phishing threat. The domain’s page title, "1 new message," suggests an attempt to lure users with deceptive messaging. Although the overall risk is low, the domain was created recently, which often correlates with malicious intent in phishing campaigns.

This domain was registered on March 12, 2026, through NiceNIC International Group Co., Limited, and resolved to IP address 104.21.34.74. Despite minimal detection—only one out of 95 VirusTotal vendors flagged it—and appearing on a single security blocklist, these signals align with typical early-stage phishing infrastructure. The domain’s brief active period and limited footprint likely contributed to its low-risk rating.

Currently, dep27k.net is offline, reducing immediate threat exposure. Users and organizations are advised to maintain vigilance against similar newly registered domains with generic phishing indicators. Employing DNS filtering and monitoring for suspicious messages can further mitigate risk from such transient phishing sites.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: 1 new message

## Domain Intelligence
- Registered: 2026-03-12 05:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.34.74
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["eric.ns.cloudflare.com", "vita.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ceff7-1252-72e5-8282-8b945d783342.png
- PhishDestroy: https://phishdestroy.io/domain/dep27k.net/
- LLM endpoint: https://phishdestroy.io/domain/dep27k.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dep27k.net/
Last updated: 2026-03-19