# shivani-tomar63.github.io — SUSPICIOUS > PhishDestroy identifies shivani-tomar63.github.io as a credential theft page hosting fake login forms. ## Summary PhishDestroy identifies shivani-tomar63.github.io as an active credential theft domain currently under investigation for generic phishing operations. The site masquerades as a legitimate GitHub Pages URL while hosting fraudulent login interfaces designed to harvest user credentials. This domain remains live and accessible, posing an immediate risk to visitors who may unwittingly submit sensitive information. This domain was flagged by 0 of 95 VirusTotal vendors during automated analysis, indicating it has not yet been widely recognized by security engines despite suspicious activity. The page is registered through GitHub, Inc. and resolves to IP address 185.199.108.153 using a Let’s Encrypt SSL certificate. Although precise registration date is unavailable, the domain remains active under GitHub’s Pages service, while current trust and blocklist metrics remain unverified due to early-stage classification. The absence of detections suggests a newly deployed threat that has evaded initial scanning layers. While under investigation, this site represents a credible credential theft risk. Security teams should block shivani-tomar63.github.io at the network firewall and DNS level. End users should avoid visiting the domain and verify any unexpected login prompts via official channels. Organizations are advised to scan internal endpoints for signs of credential submission to this or similar domains. Monitor for updates as threat intelligence evolves. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/shivani-tomar63.github.io - PhishDestroy: https://phishdestroy.io/domain/shivani-tomar63.github.io/ - LLM endpoint: https://phishdestroy.io/domain/shivani-tomar63.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/shivani-tomar63.github.io/ Last updated: 2026-04-03