rogr.vercel.app

https://rogr.vercel.app/

216.198.79.195 · Vercel, Inc

Location

Walnut, United States

Domain Age

—

HTTP

200 · 25.8s

SSL

Valid· WR1, Google Trust Services, US

Status

COMPLETED

Visual Evidence

Zoom

Title: "Sign in with your Yahoo Rogers credentials"

Save

Registered-domain escalation

Submit vercel.app as the primary IOC, enriched with evidence from hostile subdomains like rogr.vercel.app.

Take this site down

Report to 50+ vendors instantly

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

Yahoo Rogers

Credential Phishing

finance | technology | ecommerce | cryptocurrency | telecommunications · 4/5/2026

Summary

The page at rogr.vercel.app presents a Yahoo Rogers credential sign‑in UI, using a Rogers/Yahoo branding image and title but is hosted on the non‑official domain vercel.app. The page title explicitly references Yahoo Rogers credentials, and the UI imitates a legitimate login flow to harvest credentials. This is a typosquat/imitation phishing site designed to capture user credentials for Yahoo Rogers.

Attack Techniques (5)

Domain impersonation on a non-official host (rogr.vercel.app vs official Yahoo Rogers domain)Cloned login UI with brand logos/assets (Rogers/Yahoo branding) loaded from the page and internal assetsSPA-like login form with password field and credential capture flowBrand name present in page title and content to deceive usersExternal assets and scripts loaded to mimic legitimate service (email.js, app.js, bootstrap, fonts) to resemble a real login page

Indicators of Compromise (7)

▸Domain: rogr.vercel.app (IOC)

▸Page title: 'Sign in with your Yahoo Rogers credentials' (brand impersonation)

▸Logo asset: rogr.vercel.app/assets/rogers.png (brand cloning)

▸Login form present with username and password fields (credential collection)

▸External script and asset names: email.js, app.js, bootstrap.bundle.min.js (SPA-like impersonation)

▸SSL: valid issuance to vercel.app domain with recent validity window

▸IP address resolved to a Vercel IP hosting platform (risk factor for abuse hosting)

Risk AssessmentUsed in abuse reports

The site rogr.vercel.app is impersonating Yahoo Rogers, using a Yahoo Rogers branding in the page title and UI while hosted on a non-official domain. The page contains a password input and a functional login form, loaded entirely via static HTML and JavaScript bundles, indicating a credential harvesting page. The hosting domain is a known abuse-hosting platform (Vercel) and the SSL certificate is valid for a short period, increasing the likelihood of misuse. This configuration constitutes a targeted phishing attempt to harvest Yahoo Rogers credentials and should be treated as high risk. Immediate action recommended: suspend_domain and block_url, followed by reporting to the registrar and reviewing hosting environment for abuse indicators, given the explicit brand impersonation signals and user-facing credential collection flow.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence