# ankitkumar123420.github.io — MALICIOUS

> ankitkumar123420.github.io hosts a credential theft phishing page targeting unsuspecting users. Flagged by 16 of 95 VirusTotal vendors, this domain is active.

## Summary
ankitkumar123420.github.io — Credential Theft Investigation Report

PhishDestroy identifies ankitkumar123420.github.io as an active credential theft phishing domain. The site is currently operational and designed to harvest user credentials under false pretenses. This domain was flagged as a high-risk threat by multiple security vendors and is confirmed to be engaged in malicious activity aimed at deceiving users into surrendering sensitive login information.

This domain was flagged by 16 of 95 VirusTotal vendors, including Google Safe Browsing under the SOCIAL_ENGINEERING category. It is registered through GitHub, Inc., resolves to IP 185.199.109.153, and utilizes a Let's Encrypt SSL certificate for added legitimacy. The domain was created recently and has already accumulated multiple blocklist entries across threat intelligence platforms. Security trust scores for this domain are critically low, reflecting its high-risk nature.

PhishDestroy strongly recommends immediate avoidance of this domain. Users who may have interacted with this site should reset passwords for any accounts potentially exposed and enable multi-factor authentication where available. Security teams should block this domain at the network level using IP 185.199.109.153 and domain ankitkumar123420.github.io. This domain should be treated as a confirmed threat and reported to relevant authorities or threat intelligence platforms for further takedown action.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.109.153

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/ankitkumar123420.github.io
- PhishDestroy: https://phishdestroy.io/domain/ankitkumar123420.github.io/
- LLM endpoint: https://phishdestroy.io/domain/ankitkumar123420.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ankitkumar123420.github.io/
Last updated: 2026-04-08