# slokn9.cc — SUSPICIOUS > slokn9.cc operates as a crypto drainer under generic_phishing with 0/95 VirusTotal detections. SSL-backed domain hosted on 141.98.234.104. Block immediately. ## Summary PhishDestroy identifies slokn9.cc as an active crypto drainer posing as a legitimate login portal, warranting under_investigation status. This domain exhibits multiple indicators of malicious intent. Registered on February 19, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED, slokn9.cc resolves to IP address 141.98.234.104 and utilizes a Let's Encrypt SSL certificate. VirusTotal currently shows 0/95 detections, suggesting no widespread recognition by antivirus engines, while the domain remains unlisted on major blocklists. The current trust score remains critically low due to the fresh registration date and absence of established reputation. Crypto drainers like slokn9.cc typically employ deceptive login interfaces to harvest wallet credentials or private keys directly from victims. Immediate mitigation includes blocking the domain at DNS and firewall levels, inspecting network traffic for connections to 141.98.234.104, and flagging the SSL certificate for review. User awareness campaigns should emphasize verifying domain authenticity before entering sensitive wallet information. Organizations should implement browser isolation for crypto-related sites and monitor for anomalous outbound connections to this IP range. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-19 11:21:50 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 141.98.234.104 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/989a582a-7679-4837-952a-41062204b97f - PhishDestroy: https://phishdestroy.io/domain/slokn9.cc/ - LLM endpoint: https://phishdestroy.io/domain/slokn9.cc/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/slokn9.cc/ Last updated: 2026-03-28