# rohanmore20.github.io — MALICIOUS

> rohanmore20.github.io is a generic phishing domain flagged by 18 of 95 VirusTotal vendors. It mimics legitimate services to steal credentials.

## Summary
PhishDestroy identifies the domain rohanmore20.github.io as an active generic phishing site posing elevated risk to users.

This domain is flagged by 18 of 95 VirusTotal vendors and was registered through GitHub, Inc. It resolves to IP 185.199.108.153, uses a Let’s Encrypt SSL certificate, and appears on 1 security blocklist. The site has no verifiable legitimate affiliation and is designed to deceive users into entering sensitive information.

Current status remains active, with confirmed malicious intent. Users are advised to avoid accessing rohanmore20.github.io and to verify any unexpected links against known legitimate sources. Security teams should block this domain at the network perimeter and update detection signatures using the provided IP and domain indicators. Report any exposure incidents to relevant security operations centers immediately.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e83cb8b8-c6fc-4b90-adef-dc59f89990b8
- PhishDestroy: https://phishdestroy.io/domain/rohanmore20.github.io/
- LLM endpoint: https://phishdestroy.io/domain/rohanmore20.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rohanmore20.github.io/
Last updated: 2026-03-27