# usdtvault.us — SUSPICIOUS

> Investigate usdtvault.us risks and phishing potential. Learn why this domain is under investigation for suspicious activity now.

## Summary
PhishDestroy identifies usdtvault.us as an active domain under investigation for generic phishing threats. The current risk level remains uncertain as investigations continue to assess its intent and potential harm.

Although usdtvault.us is not flagged by any security vendors on VirusTotal—showing zero detections—the domain's recent creation date (March 3, 2026) and registration through Spaceship, Inc. raise caution. It resolves to the IP 172.245.81.106, which may be linked to transient hosting often favored by malicious actors. These factors combined support the hypothesis that the domain could be used in phishing campaigns despite the lack of immediate detection.

Users and organizations are advised to exercise caution when interacting with usdtvault.us or any unsolicited communications referencing it. Security teams should monitor the domain for suspicious activity and block it if phishing indicators emerge. The domain’s status remains active and under ongoing scrutiny to determine its final classification and threat potential.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: VaultUSDT - Private. Secure. Invite-Only.

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: Spaceship, Inc.
- Country: US
- IP: 172.245.81.106
- IP Country: US
- IP City: Buffalo
- IP Org: AS36352 HostPapa
- Nameservers: launch1.spaceship.net launch2.spaceship.net
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc299-07b3-7097-9705-860dd07e329f.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/usdtvault.us
- Wayback Machine: https://web.archive.org/web/https://usdtvault.us
- PhishDestroy: https://phishdestroy.io/domain/usdtvault.us/
- LLM endpoint: https://phishdestroy.io/domain/usdtvault.us/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/usdtvault.us/
Last updated: 2026-03-19