# shivam-pal07.github.io — MALICIOUS

> PhishDestroy flags shivam-pal07.github.io for credential theft via fake login prompts. Check the full report.

## Summary

PhishDestroy identifies shivam-pal07.github.io as a credential-stealing webpage actively distributing a generic drainer kit, primarily targeting unsuspecting users through social engineering tactics such as fake login overlays and deceptive pop-ups designed to harvest credentials. The domain mimics legitimate services to trick visitors into entering sensitive information, which is then exfiltrated to unauthorized third parties. The infrastructure appears to rely on GitHub Pages for hosting, leveraging the platform's trusted reputation to bypass initial scrutiny while facilitating malicious activity.

Technical indicators confirm the domain's malicious nature: VirusTotal reports 18 out of 95 security vendors flagged the domain, indicating widespread detection but incomplete coverage. The domain resolves to IP address 185.199.108.153, which is associated with GitHub's infrastructure, registered through GitHub, Inc. The SSL certificate is issued by Let's Encrypt, adding a veneer of legitimacy. Google Safe Browsing has labeled the domain under the 'SOCIAL_ENGINEERING' category, further validating its deceptive intent. These combined factors paint a clear picture of a high-risk domain designed for credential theft.

As of the latest assessment, shivam-pal07.github.io remains active and accessible, with no evidence of takedown or remediation by hosting providers or registrars. PhishDestroy recommends immediate avoidance of this domain and any associated links. Users who may have interacted with this site should reset passwords for accounts potentially exposed and enable multi-factor authentication where available. The risk level remains high due to the domain's active status, the drainer kit's sophistication, and the lack of mitigation efforts. Continuous monitoring and reporting to security vendors and platforms like GitHub are critical to prevent further exploitation.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 18 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/02f93170-df3a-459d-903c-da7042001a60
- PhishDestroy: https://phishdestroy.io/domain/shivam-pal07.github.io/
- LLM endpoint: https://phishdestroy.io/domain/shivam-pal07.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/shivam-pal07.github.io/

Last updated: 2026-03-23