# slokn1.at — SUSPICIOUS

> PhishDestroy flags slokn1.at as an active crypto drainer with 0/95 VirusTotal detections. Exercise caution—avoid clicking!

## Summary
PhishDestroy identifies slokn1.at as an active crypto drainer domain under investigation for credential theft and cryptocurrency fraud. This domain is currently flagged as active and poses a significant threat to unsuspecting users engaging in online transactions. Threat analysts recommend immediate avoidance to prevent financial loss.


This domain resolves to IP 141.98.234.104 and operates under a Let’s Encrypt SSL certificate, which may falsely imply legitimacy. According to VirusTotal scans, slokn1.at remains undetected by any of the 95 participating security vendors, indicating a low initial detection rate despite its active status. The domain’s infrastructure suggests a hastily deployed operation, likely leveraging newly registered domains to evade early-stage blocking mechanisms. Additional research indicates that this domain is not yet present on major blocklists, further emphasizing the need for proactive user vigilance during its initial campaign phases.


The domain slokn1.at is currently active and poses an ongoing threat as a crypto drainer. Users are strongly advised to verify the legitimacy of any website before entering sensitive information or conducting cryptocurrency transactions. Experts recommend updating browser security settings, utilizing ad-blockers, and consulting threat intelligence feeds for real-time domain reputation checks. Organizations should consider proactive network-level blocking of this IP (141.98.234.104) to mitigate potential infiltration. Continuous monitoring of domain registration patterns and SSL certificate issuance is strongly encouraged to prevent further exploitation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 141.98.234.104

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/844aad57-2550-4154-b9a9-486277d4425a
- PhishDestroy: https://phishdestroy.io/domain/slokn1.at/
- LLM endpoint: https://phishdestroy.io/domain/slokn1.at/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slokn1.at/
Last updated: 2026-03-28