# ethget.top — MALICIOUS

> ethget.top is flagged as a medium-risk phishing domain. Currently offline, avoid interaction to protect your data and devices.

## Summary
PhishDestroy identifies ethget.top as a generic phishing domain aimed at deceiving users into divulging sensitive information. Classified with a medium risk level, this domain was registered on February 21, 2026, and has been associated with malicious activities typical of phishing campaigns. The goal of such domains is often to impersonate legitimate services to steal credentials or financial data.

Technical analysis reveals that ethget.top was flagged by multiple security vendors and appears on four separate security blocklists, indicating widespread recognition of its malicious intent. The domain was registered through a dead domain registrar, which may suggest attempts to obscure ownership or reduce traceability. VirusTotal data reports that a subset of security providers detected phishing-related behavior, reinforcing the domain’s threat classification.

Currently, ethget.top is taken offline, reducing the immediate risk of exposure. However, its presence on multiple blocklists and historical activity underline the importance of ongoing vigilance. Users and security tools should continue to block or monitor this domain to prevent any potential resurgence or copycat attacks. PhishDestroy recommends avoiding any interaction with ethget.top and staying informed about similar phishing threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Check Eligibility for 40 ETH Airdrop | Lido

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dead domain
- IP: 104.21.27.230
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["alphaMountain.ai", "CyRadar", "Fortinet", "G-Data", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0197b34e-90c9-7670-a709-7fff55587b9c.png
- PhishDestroy: https://phishdestroy.io/domain/ethget.top/
- LLM endpoint: https://phishdestroy.io/domain/ethget.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ethget.top/
Last updated: 2026-03-16