# khurxram.github.io — MALICIOUS

> Security analysts flag khurxram.github.io for fake login phishing. 14 of 95 VirusTotal vendors detected this threat. Check the full report.

## Summary
PhishDestroy identifies the active fake login phishing domain khurxram.github.io operating at high risk.

This domain was flagged by Google’s Safe Browsing system under the SOCIAL_ENGINEERING category and detected by 14 of 95 VirusTotal security vendors. Registered through GitHub, Inc., the site resolves to IP address 185.199.108.153 and holds a valid Let’s Encrypt SSL certificate. The presence of multiple blocklist flags combined with low trust scores signals ongoing abuse.

The site’s technical indicators—including domain age (created via GitHub Pages), hosting infrastructure, and certificate issuance—support its classification as a fraudulent login portal. Current status remains active, enabling credential theft and user deception. Users are urged to avoid interacting with this domain and report any suspected exposure. Organizations should block 185.199.108.153 at the network perimeter and update phishing filters accordingly.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/01b21097-d97f-4052-a414-6e6774d64a64
- PhishDestroy: https://phishdestroy.io/domain/khurxram.github.io/
- LLM endpoint: https://phishdestroy.io/domain/khurxram.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/khurxram.github.io/
Last updated: 2026-03-26