# slon4e.com — MALICIOUS

> slon4e.com is identified as a medium-risk phishing site. Stay informed and protect your data from this active malicious domain.

## Summary
PhishDestroy has detected that the domain slon4e.com poses a medium-level phishing risk. Phishing attacks like this aim to deceive users by mimicking legitimate websites to steal sensitive information such as login credentials, financial data, or personal details. Users visiting this domain may unknowingly expose themselves to fraud or identity theft.

This particular phishing domain, registered through NiceNIC International Group Co., Limited on March 13, 2026, remains active and has appeared on one security blocklist. It resolves to the IP address 188.114.96.3 and has been flagged by 9 out of 95 VirusTotal security vendors. The page title "slon4.at" suggests it mimics or relates to another site, possibly to gain user trust or facilitate social engineering attacks. Such sites often employ deceptive layouts and convincing messages to lure victims into submitting private information.

If you have recently visited slon4e.com, avoid entering any personal data and scan your devices for malware or spyware. Change any passwords that might have been compromised and monitor your accounts for suspicious activity. Reporting the domain to your security team or relevant authorities can also help prevent further victimization. Staying vigilant and verifying site authenticity before sharing sensitive information is essential to staying safe from phishing campaigns like this one.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: slon4.at

## Domain Intelligence
- Registered: 2026-03-13 03:07:02
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["malavika.ns.cloudflare.com", "watson.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 9 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CRDF", "CyRadar", "ESET", "Fortinet", "Gridinsoft", "Kaspersky", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce541-49ce-7620-b132-6d76f79a8994.png
- PhishDestroy: https://phishdestroy.io/domain/slon4e.com/
- LLM endpoint: https://phishdestroy.io/domain/slon4e.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slon4e.com/
Last updated: 2026-03-19