# ecommerce-clone-gules.vercel.app — SUSPICIOUS > ecommerce-clone-gules.vercel.app involved in credential theft with 0/95 VirusTotal detections but listed on 2 blocklists. Stay alert and avoid interaction. ## Summary The domain ecommerce-clone-gules.vercel.app has been identified as involved in a credential theft scheme. While it does not impersonate a specific brand or utilize a known drainer kit, the domain poses a general phishing threat aimed at harvesting user credentials through a cloned ecommerce interface or similar deceptive means. There is no direct linkage to a particular brand, but the threat remains significant due to its active status and domain registration details. ecommerce-clone-gules.vercel.app currently has a VirusTotal detection score of 0 out of 95, indicating no antivirus or security engines have flagged it yet. The domain was registered through Vercel Inc. and resolves to the IP address 64.29.17.131. It holds an SSL certificate issued by Google Trust Services, which may lend it an appearance of legitimacy. Despite the low VT detections, it appears on two security blocklists and is actively blocked by OpenPhish and OISD, confirming its malicious classification. There is no clear information on the domain's creation date, but the active blocking shows ongoing monitoring by security entities. At present, ecommerce-clone-gules.vercel.app is under investigation with an active status, indicating continued threat potential. Security analysts recommend that users avoid visiting or interacting with this domain, as credential theft attempts could compromise sensitive personal or financial information. Organizations should ensure their security filters and endpoint protections incorporate the latest blocklists including OpenPhish and OISD to prevent access. The domain’s SSL and hosting on reputable infrastructure highlight the need for caution even when sites appear secure. Continued vigilance and prompt blocking remain the best defenses against the risks posed by this domain. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Vercel Inc. - IP: 64.29.17.131 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["OpenPhish", "OISD"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/ecommerce-clone-gules.vercel.app - PhishDestroy: https://phishdestroy.io/domain/ecommerce-clone-gules.vercel.app/ - LLM endpoint: https://phishdestroy.io/domain/ecommerce-clone-gules.vercel.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ecommerce-clone-gules.vercel.app/ Last updated: 2026-04-04