# lnstagramcom572.github.io — MALICIOUS

> lnstagramcom572.github.io is a brand impersonation site flagged as a crypto drainer by 18/95 VirusTotal vendors.

## Summary
PhishDestroy identifies lnstagramcom572.github.io as a HIGH-RISK brand impersonation domain engineered for credential theft and crypto drainer attacks. This site masquerades as Instagram to deceive users into surrendering login credentials or transferring cryptocurrency to attacker-controlled wallets. The domain is currently ACTIVE and employs evasion tactics to bypass security measures, making it dangerous for unsuspecting visitors.

Security intelligence confirms this domain exhibits multiple red flags. VirusTotal’s detection score stands at 18/95 security vendors, including classifications under SOCIAL_ENGINEERING by Google Safe Browsing. Hosted on GitHub Pages (IP 185.199.111.153), the domain leverages a Let’s Encrypt SSL certificate to appear legitimate. It is blocked by the OISD blocklist and appears on at least one additional security blocklist, indicating widespread recognition as a malicious entity. The use of a GitHub subdomain (github.io) further illustrates attackers’ preference for reputable services to host malicious infrastructure.

Users should immediately avoid interacting with lnstagramcom572.github.io to prevent credential compromise or unauthorized crypto transfers. If you accessed this domain, disconnect your device from the internet, scan for malware, and revoke any session tokens or API keys exposed to the site. Report this domain to your security team or platform abuse channels (e.g., GitHub, Instagram). Always verify URLs carefully and use bookmarks or official apps for login pages.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.111.153

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a32f8dde-895e-45fb-9569-716d2ce21467
- PhishDestroy: https://phishdestroy.io/domain/lnstagramcom572.github.io/
- LLM endpoint: https://phishdestroy.io/domain/lnstagramcom572.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lnstagramcom572.github.io/
Last updated: 2026-03-29