# slon10.cc — SUSPICIOUS

> slon10.cc is pushing a new credential theft phishing campaign — flagged by 0 of 95 VirusTotal vendors. Block it now.

## Summary
PhishDestroy identifies slon10.cc as a recently registered domain involved in an active credential theft campaign. The infrastructure is currently live and under investigation. No specific brand has been confirmed as impersonated at this time. The domain remains unblocked and poses a direct risk to unsuspecting users.


This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it remains undetected by security engines. It was registered through Web Commerce Communications Limited dba WebNic.cc, resolved to IP 64.190.63.222, and obtained an SSL certificate from DigiCert Inc. The domain was created on February 11, 2026, making it a very recent registration. Trust scores, blocklist status, and historical reputation data are pending further analysis.


The current status of slon10.cc is active and under investigation. Users are advised to avoid accessing this domain immediately. Network defenders should implement network-level blocking for the domain and IP address. Enhanced monitoring for credential harvesting attempts leveraging this domain is strongly recommended. Enterprises should update firewall rules, DNS sinkholes, and threat intelligence feeds with these indicators to prevent initial access or data exfiltration attempts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-11 15:09:27
- Registrar: Web Commerce Communications Limited dba WebNic.cc
- IP: 64.190.63.222

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2b1ac500-11b7-4070-ba8d-922321f4584e
- PhishDestroy: https://phishdestroy.io/domain/slon10.cc/
- LLM endpoint: https://phishdestroy.io/domain/slon10.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slon10.cc/
Last updated: 2026-03-28