# slon3t.cc — SUSPICIOUS

> slon3t.cc is under investigation for credential theft with 0/95 VirusTotal detections. Users should avoid sharing personal data on this site.

## Summary
The domain slon3t.cc is currently identified as a potential credential theft scam. There is no specific brand impersonated, and no known use of a drainer kit such as a crypto drainer has been documented. The classification is generic phishing focused on stealing user credentials, which poses a risk to anyone who inputs sensitive information.

Technical indicators show that slon3t.cc has a VirusTotal detection ratio of 0 out of 95 antivirus engines, indicating it has not yet been flagged by major security vendors. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and has a Let's Encrypt SSL certificate. It resolves to the IP address 172.67.171.65, and the domain creation date is February 23, 2026. There is no Google Safe Browsing (GSB) status or blocklist count available to further confirm threat levels.

Currently, slon3t.cc remains active and under investigation, with no detections reported by VirusTotal at this time. Despite the clean VT score, the suspicion of credential theft warrants caution. Users are advised not to enter any personal or login credentials on this domain and to monitor for updates from security vendors. Organizations should consider blocking access to this domain until further analysis clarifies the risk or confirms it as safe.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-23 09:53:30
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.171.65

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/491af647-41a6-4df3-b895-1b13439210b8
- PhishDestroy: https://phishdestroy.io/domain/slon3t.cc/
- LLM endpoint: https://phishdestroy.io/domain/slon3t.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slon3t.cc/
Last updated: 2026-03-28