# shanofarsaiyed06-lab.github.io — MALICIOUS

> Domain shanofarsaiyed06-lab.github.io identified as credential theft phishing site, flagged by 13/95 VirusTotal vendors. Immediate disconnection advised.

## Summary
PhishDestroy identifies shanofarsaiyed06-lab.github.io as an active credential theft phishing domain. This GitHub-hosted site poses a high risk due to its deceptive nature and broad detection coverage across security vendors.

This domain was flagged by 13 of 95 VirusTotal security vendors, indicating widespread suspicion. Hosted at IP 185.199.108.153 under GitHub, Inc.'s infrastructure, the site leverages a Let's Encrypt SSL certificate for false legitimacy. Its recent creation and elevated risk score underscore its malicious intent.

Mitigation requires immediate blocklisting of the domain and IP address in firewall and proxy rules. Users should be warned against entering credentials on this site, as it mimics legitimate login portals to harvest sensitive data. Organizations are advised to deploy updated threat intelligence feeds to prevent further exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/86a233ad-4353-4e2c-b6bd-bf94d0bc1f29
- PhishDestroy: https://phishdestroy.io/domain/shanofarsaiyed06-lab.github.io/
- LLM endpoint: https://phishdestroy.io/domain/shanofarsaiyed06-lab.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/shanofarsaiyed06-lab.github.io/
Last updated: 2026-03-30