# slon14at.net — SUSPICIOUS

> Stay alert: slon14at.net is linked to phishing activity. Avoid sharing personal info and verify URLs before interacting with this domain.

## Summary
PhishDestroy has identified slon14at.net as a medium-risk domain associated with generic phishing threats. The domain, which displays the page title "slon14.at," aims to deceive users by masquerading as a legitimate site to harvest sensitive information. Given its classification, users should exercise caution when encountering this domain.

Technically, slon14at.net resolves to the IP address 104.21.75.201 and is registered through NiceNIC International Group Co., Limited. It was created recently on March 13, 2026, which may indicate a short lifespan typical of phishing infrastructure. VirusTotal analysis shows that 3 out of 95 security vendors flagged this domain, and it appears on one security blocklist, reinforcing concerns regarding its malicious intent.

Currently, slon14at.net remains active and continues to pose a threat to unsuspecting users. PhishDestroy recommends avoiding any interaction with this domain, refraining from submitting personal or financial data, and reporting any phishing attempts related to it. Continuous monitoring and updating blocklists will help mitigate risks associated with this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: slon14.at

## Domain Intelligence
- Registered: 2026-03-13 03:07:02
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.75.201
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: blair.ns.cloudflare.com lochlan.ns.cloudflare.com
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce53c-6f70-70bd-910c-4227ae5475ad.png
- PhishDestroy: https://phishdestroy.io/domain/slon14at.net/
- LLM endpoint: https://phishdestroy.io/domain/slon14at.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slon14at.net/
Last updated: 2026-03-19