# deepthi0718.github.io — MALICIOUS > PhishDestroy identifies deepthi0718.github.io as an active credential harvesting phishing domain. 10 of 95 VirusTotal scanners detect malicious activity. ## Summary PhishDestroy identifies deepthi0718.github.io as a live domain actively distributing a credential-harvesting phishing kit designed to steal login credentials and personal data. The infrastructure includes a Let’s Encrypt-issued SSL certificate and resolves to GitHub Pages IP 185.199.108.153, confirming use of legitimate hosting to lend false legitimacy to the fraudulent page. The campaign targets users with spoofed login forms that exfiltrate credentials to attacker-controlled servers, enabling follow-on identity theft and account takeover across multiple services. This domain was flagged by 10 of 95 VirusTotal participating engines and is served via GitHub Pages, a platform frequently abused to host short-lived phishing pages that evade traditional blocklists. The IP address 185.199.108.153 belongs to GitHub’s Pages infrastructure, while the Let’s Encrypt certificate enhances the appearance of trustworthiness to potential victims. The low detection ratio relative to the high-risk nature of credential harvesting indicates the kit employs evasion techniques such as dynamic content delivery, server-side fingerprinting, and randomized URL paths to bypass automated scanners and remain active longer. If you visited deepthi0718.github.io or any linked page and entered credentials, immediately change passwords on all accounts using the same or similar login details, enable multi-factor authentication (MFA), and revoke any suspicious sessions. Run a full antivirus and anti-malware scan on your device to detect and remove any dropped payloads or browser extensions. Report the domain to your security team or IT administrator and consider using a password manager with breach monitoring to prevent future compromises. Monitor financial and identity-related accounts for unauthorized activity and remain cautious of follow-up phishing attempts leveraging stolen credentials. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 10 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a33fa9d8-a806-4ecc-a01e-2970b084e082 - PhishDestroy: https://phishdestroy.io/domain/deepthi0718.github.io/ - LLM endpoint: https://phishdestroy.io/domain/deepthi0718.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/deepthi0718.github.io/ Last updated: 2026-04-12