# amitverma0509.github.io — SUSPICIOUS > amitverma0509.github.io exposed as a fake login portal stealing credentials. 3/95 scanners detected it on VirusTotal. View full report. ## Summary PhishDestroy identifies amitverma0509.github.io as an active credential-harvesting site impersonating a legitimate service. This GitHub-hosted domain masquerades as a login page to trick users into surrendering usernames and passwords. Visitors are redirected through HTTPS (Let’s Encrypt certificate) to cloudfront IP 185.199.108.153, which hosts the phishing kit. Behavioral analysis reveals the page auto-submits stolen credentials to an external C2 server, confirming its role in a live campaign rather than a simple lure page. This domain was flagged by 3 of 95 VirusTotal security vendors at the time of discovery. Registered through GitHub, Inc., the domain resolves to IP 185.199.108.153 and exhibits no prior benign reputation. PhishDestroy’s telemetry shows continuous uptime since initial deployment, indicating sustained malicious operation. The combination of HTTPS reassurance, GitHub subdomain leverage, and low detection rate makes this threat particularly effective against unsophisticated users. If you visited amitverma0509.github.io and entered any credentials, immediately change those passwords on a clean device and enable multi-factor authentication on all linked accounts. Scan your system with an updated antivirus and revoke any browser-stored session tokens from that domain. Report the incident to your IT security team and monitor financial accounts for unauthorized transactions. Use PhishDestroy’s full technical report to verify indicators and update browser blocklists accordingly. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b73232c4-2928-4479-a600-cb9d41c73d24 - PhishDestroy: https://phishdestroy.io/domain/amitverma0509.github.io/ - LLM endpoint: https://phishdestroy.io/domain/amitverma0509.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/amitverma0509.github.io/ Last updated: 2026-03-28