# espaminoles452543.vercel.app — MALICIOUS > espaminoles452543.vercel.app poses as a discreet meeting portal but is a credential-harvesting site. Security vendors including VirusTotal confirm 11/95 flags. ## Summary PhishDestroy identifies espaminoles452543.vercel.app as an active credential-harvesting domain with elevated risk. This site masquerades as a confidential meeting portal titled “Encuentroooss D1screetooss” to trick users into submitting login credentials. The domain is registered via Vercel Inc. and resolves to IP 64.29.17.195. It holds a Google Trust Services SSL certificate, yet security vendors are highly cautious, with 11 out of 95 flagging this domain. No blocklist data was provided, but the low trust score and high VT detection ratio strongly correlate with malicious intent. The presence of a valid SSL certificate suggests an attempt to appear legitimate, a common tactic in modern phishing campaigns. This domain is currently active and should be treated with extreme caution. The combination of a deceptive page title, trusted SSL issuer, and high VT detection ratio indicates a sophisticated phishing operation. The use of a Vercel subdomain may be leveraged to bypass traditional domain-based filtering. The IP address 64.29.17.195 is associated with Vercel’s infrastructure, which is often abused by threat actors to host phishing pages due to Vercel’s legitimate reputation. The page title’s misspelling (“Encuentroooss D1screetooss”) is a linguistic cue intended to evade keyword-based detection while maintaining visual similarity to target language phrases. To mitigate risk, users should avoid accessing this domain entirely. Organizations should block espaminoles452543.vercel.app at the network perimeter using DNS filtering or firewall rules referencing the domain and IP 64.29.17.195. If credentials were entered, immediately reset passwords on all related accounts and enable multi-factor authentication. Report this domain to your organization’s threat intelligence team or to platforms like Google Safe Browsing, PhishTank, or your email security provider. Monitor for follow-on spear-phishing attempts targeting users who may have fallen victim. This domain should be considered hostile until independently verified as safe. ## Threat Details - Verdict: MALICIOUS - Site status: cloaking (HTTP ?) - Page title: Encuentroooss D1screetooss ## Domain Intelligence - Registrar: Vercel Inc. - IP: 64.29.17.195 ## Detection Status - VirusTotal: 11 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/da6c9fa2-5fcf-487c-90c7-1bc030284d47 - PhishDestroy: https://phishdestroy.io/domain/espaminoles452543.vercel.app/ - LLM endpoint: https://phishdestroy.io/domain/espaminoles452543.vercel.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/espaminoles452543.vercel.app/ Last updated: 2026-04-14