# zelcor.io — SUSPICIOUS

> Zelcor.io is a low-risk phishing domain linked to crypto wallets. Exercise caution and verify before engaging with the site.

## Summary
PhishDestroy identifies zelcor.io as a domain associated with generic phishing activity, currently assessed at a low risk level. The site purports to offer a multi-chain crypto wallet service, branding itself similar to legitimate platforms, which may mislead users seeking secure self-custodial wallet solutions.

The domain's infrastructure raises cautionary flags: it was registered recently on March 11, 2026, through HOSTINGER operations, UAB, a known registrar sometimes leveraged in fraudulent setups. Zelcor.io appears on three distinct security blocklists, though only one out of 95 VirusTotal engines has flagged it, indicating a need for further monitoring rather than immediate high threat designation. The domain resolves to IP 35.157.26.135, which is associated with hosting providers frequently used for temporary or potentially suspicious sites.

At present, zelcor.io remains active and accessible, suggesting that malicious actors may still be utilizing it for phishing attempts targeting crypto users. Individuals should exercise caution, avoid sharing private keys or login credentials, and rely on verified wallet platforms. Cybersecurity teams should consider blocking or monitoring traffic to this domain and educate users on the risks of engaging with recently created crypto wallet sites lacking established trust.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Multi-Chain Crypto Wallet - Self-Custodial | Zelcore | Zelcore - Secure Multi-Chain Crypto Wallet

## Domain Intelligence
- Registered: 2026-03-11 17:07:02
- Registrar: HOSTINGER operations, UAB
- Country: LT
- IP: 35.157.26.135
- IP Country: DE
- IP City: Frankfurt am Main
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: ["dns4.p08.nsone.net", "dns3.p08.nsone.net", "dns2.p08.nsone.net", "dns1.p08.nsone.net"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce201-796c-776f-b2d4-fa8ddc02284a.png
- PhishDestroy: https://phishdestroy.io/domain/zelcor.io/
- LLM endpoint: https://phishdestroy.io/domain/zelcor.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/zelcor.io/
Last updated: 2026-03-19