# ughfjdu-ten.vercel.app — MALICIOUS

> PhishDestroy identifies ughfjdu-ten.vercel.app as a credential theft domain, with 22 of 95 VirusTotal vendors flagging it. Analyze before interacting.

## Summary
PhishDestroy has identified ughfjdu-ten.vercel.app as a credential theft domain actively engaging in phishing campaigns. This subdomain, hosted on Vercel Inc.'s infrastructure, is designed to mimic legitimate services in an attempt to trick users into revealing sensitive login credentials or personal information. The domain resolves to IP address 216.198.79.67 and leverages a Google Trust Services SSL certificate to appear legitimate, a common tactic among threat actors to evade detection and build trust with potential victims. Analysis indicates this domain is part of a broader campaign targeting unsuspecting users, with the goal of harvesting credentials for subsequent fraudulent activities.  This domain was flagged by multiple security vendors, with 22 out of 95 VirusTotal engines detecting malicious activity. It has also been included on the OISD blocklist, further corroborating its malicious nature. The domain was created recently and registered through Vercel Inc., a legitimate cloud platform often exploited by threat actors for hosting phishing infrastructure due to its trusted reputation. The combination of a recent registration date, low detection ratio among vendors, and active hosting on a reputable platform highlights the sophisticated nature of this threat. Additionally, the domain's SSL certificate, issued by Google Trust Services, adds a layer of deception, making it harder for users to discern its malicious intent.  If you have visited ughfjdu-ten.vercel.app, immediately change any passwords or credentials that may have been entered on the site. Enable multi-factor authentication (MFA) on all accounts that support it, as this can provide an additional layer of security even if credentials were compromised. Monitor your accounts for any unusual activity, such as unauthorized transactions or changes to account settings. Consider running a malware scan on your device using reputable antivirus software to ensure no additional threats have been introduced. Finally, report the domain to your organization's security team or to relevant authorities, such as your country's cybercrime reporting center, to help prevent further victimization. Staying vigilant and proactive is key to mitigating the risks associated with credential theft domains like this one.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Vercel Inc.
- IP: 216.198.79.67

## Detection Status
- VirusTotal: 22 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/07003fbe-13e1-45e7-9324-d924cc3266ae
- PhishDestroy: https://phishdestroy.io/domain/ughfjdu-ten.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/ughfjdu-ten.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ughfjdu-ten.vercel.app/
Last updated: 2026-03-26