# giftdonate.online — MALICIOUS

> giftdonate.online was flagged as a high-risk phishing site. Learn about its indicators and why it was removed to protect users from scams.

## Summary
PhishDestroy identifies giftdonate.online as a high-risk generic phishing domain created on March 6, 2026. This suspicious site was designed to deceive users by mimicking legitimate donation platforms, aiming to steal sensitive information. Its classification as phishing stems from its intent and similarity to fraudulent campaigns targeting unsuspecting victims.

Technical indicators reveal that giftdonate.online resolved to IP address 198.54.115.48 and was registered through NameCheap, Inc., a popular registrar often abused by threat actors. The domain appeared on at least one security blocklist and was assigned a very low trust score of 1/100 by Gridinsoft. VirusTotal flagged the domain by 14 out of 95 security vendors, confirming its malicious nature and widespread recognition among cybersecurity tools.

Currently, giftdonate.online has been taken offline, effectively neutralizing its threat to potential victims. This swift action follows its detection and listing on security blocklists, preventing further phishing attempts. Users are advised to remain vigilant, avoid interacting with suspicious donation-related domains, and rely on verified platforms to safeguard personal and financial information.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)

## Domain Intelligence
- Registered: 2026-03-06 13:07:01
- Registrar: NameCheap, Inc.
- Country: US
- IP: 198.54.115.48
- IP Country: US
- IP City: Phoenix
- IP Org: AS22612 Namecheap, Inc.
- Nameservers: ["dns1.namecheaphosting.com", "dns2.namecheaphosting.com"]
- SSL Issuer: Sectigo Limited / Sectigo Public Server Authentication CA DV R36

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "SOCRadar", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/Gvyrz5LZ/b10c45d47560.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/giftdonate.online
- Wayback Machine: https://web.archive.org/web/https://giftdonate.online
- PhishDestroy: https://phishdestroy.io/domain/giftdonate.online/
- LLM endpoint: https://phishdestroy.io/domain/giftdonate.online/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/giftdonate.online/
Last updated: 2026-03-19