# slon6--c-c.ru — SUSPICIOUS

> slon6--c-c.ru is a crypto drainer impersonating brands. VT 0/95 detections, live since April 2026. Scan on PhishDestroy before use.

## Summary
PhishDestroy identifies slon6--c-c.ru as an active crypto drainer domain flagged for under investigation due to its use in illicit cryptocurrency theft operations. This domain poses a high risk to users interacting with it, as it likely mimics legitimate services to deceive victims into authorizing malicious transactions. Cryptocurrency drainers are sophisticated tools designed to siphon digital assets from unsuspecting users’ wallets, often through fake websites, fake login portals, or fake airdrop campaigns. Given its current status and the specific threat type, users should exercise extreme caution and avoid interacting with this domain entirely.  

This domain was flagged by PhishDestroy and shows 0 detections on VirusTotal out of 95 engines (VT 0/95), indicating it has not yet been widely recognized by security tools. The domain resolves to IP address 198.13.158.7 and is registered through REGRU-RU, a well-known hosting provider in Russia. slon6--c-c.ru was created on April 02, 2026 — a recent registration indicating potential opportunistic behavior. Despite using a legitimate SSL certificate from Let's Encrypt, which may lend false credibility, this domain has no record of inclusion on major blocklists as of now. Its low detection rate suggests it may still be in early deployment or actively evading detection. Trust and reputation scores for this domain remain critically low due to its association with a crypto drainer schema.  

To mitigate risk, users should immediately cease any interaction with slon6--c-c.ru and verify its status on PhishDestroy or similar threat intelligence platforms. If you have previously visited or used this domain, revoke any connected wallet permissions and transfer remaining funds to a secure wallet. Enable multi-factor authentication (MFA) on all accounts and use hardware wallets for high-value transactions. Report the domain to your local cybercrime unit and blockchain security platforms like Chainalysis or Etherscan if fraudulent transactions have occurred. Always cross-check domains against verified sources before entering personal or financial data — especially for cryptocurrency transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 07:46:59
- Registrar: REGRU-RU
- IP: 198.13.158.7

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/fa44907a-3a72-4c26-8721-70cd50929389
- PhishDestroy: https://phishdestroy.io/domain/slon6--c-c.ru/
- LLM endpoint: https://phishdestroy.io/domain/slon6--c-c.ru/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/slon6--c-c.ru/
Last updated: 2026-04-13