# win-flax.vercel.app — MALICIOUS

> win-flax.vercel.app is linked to phishing activity. Avoid sharing personal details on this site and verify URLs carefully to stay safe online.

## Summary
PhishDestroy identifies win-flax.vercel.app as an active phishing domain with a medium risk level, connected to generic phishing threats. Phishing remains a significant concern as it tricks users into divulging sensitive information, which can lead to identity theft, financial loss, or unauthorized account access. The presence of this domain in phishing databases underscores the ongoing efforts to deceive users using seemingly legitimate web resources.

The domain win-flax.vercel.app resolves to the IP address 64.29.17.195 and is registered through Vercel Inc., a popular platform for deploying websites and applications. VirusTotal analysis indicates that 9 out of 95 security vendors have flagged this domain, suggesting credible evidence of malicious activity. The use of Vercel’s infrastructure can make detection more challenging due to its legitimate services, which attackers may exploit to host phishing content temporarily.

Users are advised to exercise caution by avoiding interaction with win-flax.vercel.app, refraining from entering any personal or financial information, and verifying URLs before proceeding. Security best practices include enabling multi-factor authentication, keeping software updated, and using reputable security tools that can detect such threats. Reporting suspicious domains like this to security platforms helps improve collective defenses against phishing attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP ?)
- Page title: Bell Business Site

## Domain Intelligence
- Registered: 2026-03-06 13:07:01
- Registrar: Vercel Inc.
- Country: US
- IP: 64.29.17.195
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WR1

## Detection Status
- VirusTotal: 21 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "DNS8", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "URLQuery", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc331-24a4-7782-b5a8-ac43e0d997ee.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/win-flax.vercel.app
- Wayback Machine: https://web.archive.org/web/https://win-flax.vercel.app
- PhishDestroy: https://phishdestroy.io/domain/win-flax.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/win-flax.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/win-flax.vercel.app/
Last updated: 2026-03-19