# shrishtikumarii.github.io — MALICIOUS

> Investigation confirms generic phishing on shrishtikumarii.github.io, a crypto drainer leveraging GitHub Pages. VirusTotal flags 8/95 vendors.

## Summary

PhishDestroy identifies an active generic phishing campaign operating from the domain shrishtikumarii.github.io. This infrastructure is specifically designed for credential theft and is currently engaged in harvesting user login details via deceptive web interfaces. The threat is elevated due to its operational maturity and the potential for rapid data exfiltration to unauthorized actors. Campaigns of this nature often target users with promises of rewards, exclusive access, or urgent account verification, leading to direct financial or identity compromise.

This domain was flagged by VirusTotal, with 8 out of 95 security vendors detecting malicious activity as of the latest scan. It was registered through GitHub, Inc., and its hosting infrastructure resolved to IP 185.199.109.153. The domain uses a Let's Encrypt SSL certificate, which may reduce user suspicion despite its malicious intent. The absence of this domain from major blocklists suggests recent deployment or evasion tactics. Trust scores and historical WHOIS data indicate recent registration, with no prior legitimate association, reinforcing its use as a disposable phishing asset.

Mitigation requires immediate action: block the domain shrishtikumarii.github.io at the network and endpoint level. Users should avoid interacting with the domain and report any accidental exposure to their security teams. If credentials were entered, initiate a password reset and enable multi-factor authentication on all related accounts. Security teams should inspect TLS certificates issued to this domain for additional indicators of compromise. Further IOCs can be extracted from network traffic logs focusing on outbound connections to 185.199.109.153 via ports 80 or 443, especially those containing POST requests to non-standard endpoints.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.109.153

## Detection Status

- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/ba516d2c-3745-4c1e-a65e-bc9998c26ff4
- PhishDestroy: https://phishdestroy.io/domain/shrishtikumarii.github.io/
- LLM endpoint: https://phishdestroy.io/domain/shrishtikumarii.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/shrishtikumarii.github.io/

Last updated: 2026-03-23