# risushakya.github.io — SUSPICIOUS > risushakya.github.io mimics a fake login portal to steal credentials. Resolves to 185.199.108.153, currently blocked by OpenPhish and OISD. ## Summary risushakya.github.io is a confirmed active phishing domain impersonating a generic login portal. This domain is currently under investigation for its role in credential harvesting campaigns targeting unsuspecting users. The campaign is flagged as a generic phishing threat and remains unchecked by standard detection systems, posing an immediate risk to organizations and individuals exposed to it. risushakya.github.io was registered through GitHub, Inc., resolving to the IP address 185.199.108.153. This domain has been flagged by 0 of 95 VirusTotal vendors, indicating a lack of widespread detection despite its malicious intent. It is currently blocked by OpenPhish and OISD, appearing on 2 security blocklists. The domain holds an SSL certificate issued by Let's Encrypt, which may lend a false sense of legitimacy to users. The absence of detections on VirusTotal suggests this campaign is in its early stages, allowing it to evade conventional security measures temporarily. Trust scores for this domain are critically low, reflecting its recent registration and lack of established reputation. The campaign remains active, and users are strongly advised to avoid interacting with risushakya.github.io or any associated links. Organizations should update firewall and endpoint protection systems to include this domain in their blocklists immediately. Users who may have entered credentials on this domain should reset passwords for affected accounts and enable multi-factor authentication where possible. Security teams are encouraged to monitor network traffic for connections to the IP address 185.199.108.153 and investigate any anomalous login attempts. Further intelligence will be provided as this investigation progresses. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["OpenPhish", "OISD"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/risushakya.github.io - PhishDestroy: https://phishdestroy.io/domain/risushakya.github.io/ - LLM endpoint: https://phishdestroy.io/domain/risushakya.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/risushakya.github.io/ Last updated: 2026-04-04