# presna-org.github.io — MALICIOUS

> Presna-org.github.io mimics a legitimate site but serves as a malicious login page per OpenPhish telemetry (12/95 VirusTotal detections).

## Summary
PhishDestroy identifies presna-org.github.io as an active generic phishing domain deployed via GitHub Pages that poses an elevated risk to unsuspecting visitors.


This domain was flagged by OpenPhish and is currently blocked by their pipeline; VirusTotal records 12 out of 95 security vendors already detecting malicious content. Resolving to 185.199.110.153, it sits on one active blocklist and leverages a Let’s Encrypt SSL certificate for authenticity cues. Registration occurred through GitHub, Inc., an otherwise reputable provider that is being abused to host imposter content.


Users should treat presna-org.github.io as hostile and avoid any credential entry or data submission. Report the domain to your email provider and browser vendors; use HTTPS-only and DNS filtering to quarantine the host. If credentials were entered, rotate passwords immediately and enable multi-factor authentication wherever possible.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.110.153

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/38eda33f-994b-46bf-84da-4cabcb7a2eca
- PhishDestroy: https://phishdestroy.io/domain/presna-org.github.io/
- LLM endpoint: https://phishdestroy.io/domain/presna-org.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/presna-org.github.io/
Last updated: 2026-03-27