# snipeonsol.fun — SUSPICIOUS

> snipeonsol.fun impersonates Solana services. Avoid interacting with this offline domain and verify official sources to stay protected.

## Summary
PhishDestroy has identified snipeonsol.fun as a low-risk brand impersonation domain targeting the Solana cryptocurrency ecosystem. The domain markets itself as "Solana Sniper | Automated Solana Token Sniping," aiming to deceive users into believing it is associated with the legitimate Solana brand. This classification is based on the domain’s use of Solana-related branding and terminology to attract users interested in token sniping tools.

From a technical perspective, snipeonsol.fun was registered on March 2, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com. It resolves to the IP address 104.21.5.167 and has been flagged on three distinct security blocklists. VirusTotal analysis shows 2 out of 95 security vendors detecting suspicious activity associated with this domain, indicating a minor but notable threat footprint. These indicators suggest potential misuse for phishing or fraudulent token-sniping services designed to mislead cryptocurrency users.

Currently, snipeonsol.fun is offline, which reduces immediate risk to users. However, its prior presence on multiple blocklists and the brand impersonation tactic warrant caution. Users and security teams should continue to monitor similar domains and avoid any interaction with snipeonsol.fun. Verification against official Solana channels is recommended before engaging with any token-sniping or related cryptocurrency services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: Solana
- Page title: Solana Sniper | Automated Solana Token Sniping

## Domain Intelligence
- Registered: 2026-03-02 15:00:01
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 104.21.5.167
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dimitris.ns.cloudflare.com khloe.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/zHT9hv44/7824278bcfd4.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/ecfde8d8-860b-4fb7-b610-008d4b6eea67
- PhishDestroy: https://phishdestroy.io/domain/snipeonsol.fun/
- LLM endpoint: https://phishdestroy.io/domain/snipeonsol.fun/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/snipeonsol.fun/
Last updated: 2026-03-19