# getledg-us.pages.dev — SUSPICIOUS

> getledg-us.pages.dev is linked to credential theft targeting crypto users. VirusTotal shows 0/95 detections. Exercise caution and verify URLs carefully.

## Summary
The domain getledg-us.pages.dev has been identified as involved in a credential theft campaign, specifically targeting users in the cryptocurrency sector. While no direct brand impersonation or drainer kits have been confirmed, the domain’s naming convention suggests an attempt to mimic legitimate crypto-related services to deceive victims into disclosing sensitive login information.

Technical analysis reveals that getledg-us.pages.dev currently holds a VirusTotal detection score of 0/95, indicating it has not yet been flagged by major antivirus engines. The domain is registered through Cloudflare, Inc. and is protected by an SSL certificate issued by Google Trust Services, lending it a superficial appearance of legitimacy. It resolves to the IP address 188.114.96.3. Although the creation date of the domain is not specified, no Google Safe Browsing (GSB) warnings or blocklist entries have been reported at this time.

The domain’s status remains active and under investigation. Given the absence of detections on VirusTotal and no blocklist reports, this threat may be in early stages or employing evasion tactics. Users are advised to remain vigilant, avoid entering credentials on suspicious pages, and verify URLs when accessing crypto platforms. Security teams should monitor the domain for emerging indicators of compromise and consider proactive blocking until further assessment is completed.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0bfcce5d-17c6-4a95-b456-e30eee0a2f37
- PhishDestroy: https://phishdestroy.io/domain/getledg-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/getledg-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/getledg-us.pages.dev/
Last updated: 2026-03-24