# sharmabhay07-coder.github.io — MALICIOUS

> sharmabhay07-coder.github.io is a generic phishing domain with a high risk score. 11/95 VirusTotal vendors flag this domain as malicious.

## Summary
PhishDestroy identifies sharmabhay07-coder.github.io as an active generic phishing domain leveraging GitHub Pages infrastructure to distribute malicious payloads designed for credential theft. This domain employs a generic social-engineering framework with no direct brand impersonation, suggesting an opportunistic campaign targeting users who may trust GitHub.io subdomains. The threat actor utilizes obfuscation techniques to evade detection, raising concerns about widespread compromise across unsuspecting victims. 


Technical analysis confirms this domain resolves to IP 185.199.108.153 and is hosted via GitHub, Inc. with a valid Let's Encrypt SSL certificate. VirusTotal currently flags this domain with an 11/95 detection ratio among security vendors. Google Safe Browsing classifies this page under the SOCIAL_ENGINEERING category, further validating its malicious intent. With multiple blocklist rejections and no legitimate use case identified, this domain presents a persistent risk to unsuspecting internet users. 


Current monitoring shows the domain remains active and unreachable, indicating ongoing malicious operations. Immediate protective actions include blocking the domain sharmabhay07-coder.github.io and IP 185.199.108.153 at the network perimeter. Users are strongly advised to avoid clicking suspicious links and to verify destination URLs before entering credentials. Remaining risk remains high due to active distribution and lack of takedown confirmation.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/fd7139a3-78a6-4527-9d52-508946c93790
- PhishDestroy: https://phishdestroy.io/domain/sharmabhay07-coder.github.io/
- LLM endpoint: https://phishdestroy.io/domain/sharmabhay07-coder.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sharmabhay07-coder.github.io/
Last updated: 2026-04-14