# anjani-kumar75.github.io — MALICIOUS

> anjani-kumar75.github.io is a live PayPal phishing page hosted on GitHub, flagged by 15 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies anjani-kumar75.github.io as an active PayPal brand impersonation phishing domain. This site is currently operational and poses a high-risk threat to users through deception and credential theft. The campaign leverages social engineering tactics to mimic PayPal’s login interface and harvest sensitive account information.


This domain was flagged by 15 of 95 VirusTotal security vendors, including Google Safe Browsing’s SOCIAL_ENGINEERING classification. It is registered through GitHub, Inc., resolving to IP 185.199.110.153 with a Let’s Encrypt SSL certificate. The domain is active and appears on 1 security blocklist, indicating confirmed malicious activity. VirusTotal detection ratios and Safe Browsing flags confirm its fraudulent nature.


This phishing site remains active and continues to pose a direct threat to users who interact with it. GitHub-hosted infrastructure is leveraged to lend false legitimacy to the scam. Users are advised to avoid clicking links in unsolicited emails or messages claiming to originate from PayPal. Verify communications directly through PayPal’s official website or secure app, enable multi-factor authentication, and report suspicious activity to PayPal and local cybersecurity authorities. Network defenders should block this domain at the firewall and update security policies to include automated inspection of GitHub.io subdomains referencing financial services.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.110.153

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/830af5e5-0702-4c2d-8e7d-2dbf3620e407
- PhishDestroy: https://phishdestroy.io/domain/anjani-kumar75.github.io/
- LLM endpoint: https://phishdestroy.io/domain/anjani-kumar75.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/anjani-kumar75.github.io/
Last updated: 2026-04-14