# alyeldin22.github.io — MALICIOUS > PhishDestroy identifies alyeldin22.github.io as an active credential harvesting scam. This GitHub-hosted site uses a Let's Encrypt SSL certificate and has a. ## Summary PhishDestroy identifies alyeldin22.github.io as an active credential harvesting domain hosted on GitHub Pages. This domain is currently leveraging a fraudulent login interface to steal user credentials under the guise of a legitimate service or prompt. No specific brand or drainer kit has been directly linked to this campaign, but the infrastructure follows common phishing patterns observed in credential theft operations. The site's GitHub repository and domain structure suggest an attempt to exploit trust in the GitHub Pages platform to lower victim vigilance. This domain was flagged by PhishDestroy with a VirusTotal detection score of 15/95 security vendors, indicating partial but not universal recognition as malicious. It was registered through GitHub, Inc., resolving to IP address 185.199.108.153 behind a Let's Encrypt SSL certificate. The domain is served over HTTPS, which may enhance its perceived legitimacy. While the exact creation date is not publicly disclosed, its active status and recent detection by PhishDestroy confirm recent deployment. Google Safe Browsing (GSB) status is not confirmed in public feeds, and the domain has likely been active for a short duration given the low blocklist coverage. The domain remains active as of the latest intelligence. PhishDestroy recommends immediate blacklisting of 185.199.108.153 and alyeldin22.github.io across network and endpoint defenses. Users should avoid accessing this domain and report any suspicious login prompts. The evolving nature of GitHub Pages abuse and the mixed VirusTotal detection score suggest this campaign may expand or adapt. Remaining risk is elevated due to the domain's active status, SSL encryption, and partial detection coverage, warranting heightened user and organizational vigilance. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 15 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/alyeldin22.github.io - PhishDestroy: https://phishdestroy.io/domain/alyeldin22.github.io/ - LLM endpoint: https://phishdestroy.io/domain/alyeldin22.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/alyeldin22.github.io/ Last updated: 2026-04-09