# user.baseroomhub.net — SUSPICIOUS > PhishDestroy identifies user.baseroomhub.net as an active credential-harvesting site. VirusTotal score: 0/95 detections. Check the full report. ## Summary PhishDestroy identifies user.baseroomhub.net as a newly active credential-harvesting portal masquerading as a legitimate login interface. This domain, registered on January 12, 2026 through PDR Ltd. d/b/a PublicDomainRegistry.com, exhibits hallmarks of a low-volume, targeted phishing operation designed to harvest user credentials under the guise of a trusted service. The infrastructure, hosted on IP 188.114.96.3 and secured with a Google Trust Services SSL certificate, lends superficial legitimacy to the malicious site, increasing the likelihood of successful deception. While the domain remains undetected by antivirus engines as of the latest scan, its active status and recent creation suggest it is currently being used in live phishing campaigns. This domain poses a HIGH IMMEDIATE RISK to users who may encounter it through deceptive emails, fake ads, or compromised redirects. Technical indicators include a clean VirusTotal scan result of 0 detections out of 95 engines, indicating it has not yet been widely flagged despite its active deployment. The domain was registered just days ago, exploiting the lag between domain creation and detection by security tools. With no current blocklist presence, the site remains accessible to unsuspecting victims, who may unknowingly submit sensitive login credentials to threat actors. The use of a valid SSL certificate further obfuscates the malicious nature of the site, making it harder for users to visually identify the threat. If you have visited user.baseroomhub.net or entered any credentials on the page, IMMEDIATELY change passwords on all associated accounts and enable multi-factor authentication where available. Monitor accounts for suspicious activity, including unauthorized logins or transactions, and consider running a malware scan on your device. Report the domain to your IT security team or through PhishDestroy’s submission portal to aid in broader threat intelligence. Avoid interacting with the domain further, as it continues to pose a risk to visitors. Proactive vigilance and rapid response are critical to mitigating the impact of this credential-harvesting campaign. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-12 13:39:21 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/user.baseroomhub.net - PhishDestroy: https://phishdestroy.io/domain/user.baseroomhub.net/ - LLM endpoint: https://phishdestroy.io/domain/user.baseroomhub.net/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/user.baseroomhub.net/ Last updated: 2026-04-10