# devsanthiago.github.io — SUSPICIOUS

> devsanthiago.github.io is a crypto drainer landing page hosted on GitHub Pages (185.199.108.153). This domain mimics legitimate repositories to steal crypto.

## Summary
PhishDestroy has flagged devsanthiago.github.io as an active crypto drainer impersonating GitHub Pages to deceive users into connecting wallets or submitting seed phrases. This malicious repository leverages GitHub’s trusted infrastructure to bypass traditional security filters, making it especially dangerous for cryptocurrency users. The domain resolves to IP 185.199.108.153 and utilizes a Let’s Encrypt SSL certificate to appear legitimate, further lowering user suspicion.  This domain was registered through GitHub, Inc., and while its exact creation date remains unverified, it currently shows 0 detections out of 95 on VirusTotal, indicating it has evaded automated detection systems. Despite its low detection count, the presence of a crypto drainer payload and its use of GitHub Pages for hosting raise immediate red flags. Its infrastructure aligns with known tactics used by threat actors to host wallet-stealing scripts under the guise of legitimate repositories.  If you’ve visited devsanthiago.github.io or interacted with any page hosted on this domain, disconnect your wallet immediately and revoke any connected permissions via your wallet’s security settings. Do not reuse seed phrases or private keys. Report the domain to PhishDestroy for further analysis and consider using a hardware wallet for future transactions. Always verify URLs and domains before engaging, especially those hosted on free or reputable platforms like GitHub.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/devsanthiago.github.io
- PhishDestroy: https://phishdestroy.io/domain/devsanthiago.github.io/
- LLM endpoint: https://phishdestroy.io/domain/devsanthiago.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/devsanthiago.github.io/
Last updated: 2026-04-05