# grants-ui.pages.dev — SUSPICIOUS

> grants-ui.pages.dev is linked to credential theft with 0/95 VirusTotal detections so far. Users should exercise caution and avoid engagement.

## Summary
PhishDestroy identifies grants-ui.pages.dev as a domain involved in credential theft targeting unsuspecting victims. While no specific brand impersonation or crypto drainer kits have been linked to it yet, the domain’s design and intent focus on harvesting login credentials from users. The absence of known drainer kits suggests early-stage or generic phishing tactics aimed primarily at capturing sensitive user information.

grants-ui.pages.dev currently holds a VirusTotal detection rate of 0 out of 95 scanners, indicating it has not yet been flagged by major security vendors. The domain is registered through Cloudflare, Inc. and resolves to IP address 172.66.47.35. The SSL certificate securing the site is issued by Google Trust Services, lending it a seemingly legitimate appearance. There is no explicit data on the domain’s creation date or Google Safe Browsing status available, and it does not appear on public blocklists at this time.

The status of grants-ui.pages.dev remains active and under investigation due to its ongoing credential theft threat. Despite the zero detection count on VirusTotal, the domain’s registration through a reputable provider and valid SSL may facilitate successful deception of users. Security teams and end users are advised to remain vigilant, avoid submitting credentials, and report suspicious activity. Continuous monitoring and precautionary blocking measures are recommended until a definitive classification and mitigation are completed.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.35

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8f81082f-4c43-4af9-9345-3b40f7ac78fd
- PhishDestroy: https://phishdestroy.io/domain/grants-ui.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/grants-ui.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/grants-ui.pages.dev/
Last updated: 2026-03-25