# phgalaxyone.tech — SUSPICIOUS > phgalaxyone.tech is a credential harvesting scam site flagged by 1 of 95 VirusTotal vendors. Users should avoid entering personal data on this domain. ## Summary phgalaxyone.tech is identified as an active credential harvesting scam posing as a legitimate service. The domain is currently operational and designed to deceive users into submitting sensitive login credentials under false pretenses. Security agencies classify this as an elevated threat due to its active status and the potential for widespread victimization. This domain was flagged by 1 of 95 VirusTotal security vendors, indicating limited but confirmed malicious activity. It is registered through NAME DOT STORE INC, resolves to IP 185.111.111.154, and was created on March 08, 2026. The domain uses a Let's Encrypt SSL certificate, which may mislead users into believing the site is trustworthy. Additional risk factors include the domain's recent creation and its association with a suspicious IP address known for hosting malicious infrastructure. The current status of phgalaxyone.tech remains active, and immediate action is required to mitigate risks. Users are strongly advised to avoid accessing this domain and to report it to their cybersecurity teams or relevant authorities. Organizations should block the domain at the network level and investigate any potential exposure within their environments. The combination of a recently registered domain, low VirusTotal detection rate, and ties to a high-risk IP address suggests this is an emerging threat that requires urgent attention. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-08 10:47:00 - Registrar: NAME DOT STORE INC - IP: 185.111.111.154 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/64a8ef39-870d-4c6d-8ae3-0efb542a5390 - PhishDestroy: https://phishdestroy.io/domain/phgalaxyone.tech/ - LLM endpoint: https://phishdestroy.io/domain/phgalaxyone.tech/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/phgalaxyone.tech/ Last updated: 2026-03-22