# dervi-emprende12-j4zmmm1.vercel.app — MALICIOUS > dervi-emprende12-j4zmmm1.vercel.app is a crypto drainer phishing site that mimics legitimate services to steal funds. 13/95 VirusTotal engines flag it. ## Summary PhishDestroy identifies dervi-emprende12-j4zmmm1.vercel.app as a live crypto-draining phishing page that pretends to be a legitimate business tool. When accessed, the site prompts users to connect a cryptocurrency wallet under the guise of an “airdrop” or “investment opportunity,” then silently drains tokens via a malicious smart-contract call. Google Safe Browsing already labels it SOCIAL_ENGINEERING, and 13 out of 95 VirusTotal security vendors have blacklisted the domain, confirming its malicious intent. This domain was flagged by Google Safe Browsing on SOCIAL_ENGINEERING grounds and resolves to IP 64.29.17.3. Its SSL certificate is issued by Google Trust Services, indicating it uses valid HTTPS to appear trustworthy. The page is hosted on Vercel Inc.’s platform and was registered very recently, as indicated by the dervi-emprende12-j4zmmm1 subdomain pattern typical of short-lived phishing campaigns. Indicators such as the high VirusTotal detection rate and the SOCIAL_ENGINEERING flag strongly suggest the site is actively being used to target cryptocurrency users. If you visited dervi-emprende12-j4zmmm1.vercel.app, immediately disconnect your wallet from any dApp or site you were on, revoke any suspicious token approvals using a reputable revoke tool, and run a malware scan on your device. Do not enter any seed phrase or private key anywhere on the page. Report the domain to PhishDestroy for further analysis so others can be warned. Always verify cryptocurrency-related URLs in a dedicated safety tool before interacting. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Vercel Inc. - IP: 64.29.17.3 ## Detection Status - VirusTotal: 13 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2f5251fb-141a-4f3d-83f8-c3269c41afb2 - PhishDestroy: https://phishdestroy.io/domain/dervi-emprende12-j4zmmm1.vercel.app/ - LLM endpoint: https://phishdestroy.io/domain/dervi-emprende12-j4zmmm1.vercel.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/dervi-emprende12-j4zmmm1.vercel.app/ Last updated: 2026-04-01