# megaweb-14at.com — SUSPICIOUS

> megaweb-14at.com is linked to credential theft with 2 of 95 VirusTotal vendors flagging it. Newly created domain; users should avoid interaction.

## Summary
megaweb-14at.com has been identified as an active domain involved in credential theft attacks. While the exact brand impersonated remains unspecified, the domain poses an elevated risk to users by attempting to harvest sensitive login information through deceptive means.

This domain was created recently on September 21, 2024, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to the IP address 172.67.177.119 and holds an SSL certificate issued by Google Trust Services, potentially to lend it a facade of legitimacy. According to VirusTotal analysis, 2 out of 95 security vendors have flagged megaweb-14at.com as malicious. Currently, the domain is active and there are no reports of it being listed on public blocklists beyond these detections.

Given the domain's new creation date and its use of a trusted SSL authority, users should exercise caution and avoid providing any credentials or personal information to this domain. Security teams are advised to block access to megaweb-14at.com within their networks and monitor for any attempts to connect to the IP 172.67.177.119. Continuous vigilance and user education on credential theft tactics will help mitigate the elevated risk posed by this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-09-21 18:56:17
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.177.119

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b92a29a5-c839-4081-aeae-36e05c1bae2b
- PhishDestroy: https://phishdestroy.io/domain/megaweb-14at.com/
- LLM endpoint: https://phishdestroy.io/domain/megaweb-14at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/megaweb-14at.com/
Last updated: 2026-03-27