# suguna-ayyappan.github.io — MALICIOUS

> suguna-ayyappan.github.io hosts a fake login page mimicking a legitimate service. Posing as a credential harvesting trap, it exploits GitHub Pages'.

## Summary
PhishDestroy identifies suguna-ayyappan.github.io as an active credential harvesting domain masquerading as a legitimate login portal. The site leverages GitHub Pages' reputation to deceive users into submitting sensitive credentials, creating an immediate risk of account takeover and unauthorized access. This domain should be treated as an elevated threat requiring urgency.  The site resolves to IP 185.199.108.153 and was registered through GitHub, Inc., likely as part of an abuse of GitHub Pages hosting for malicious purposes. VirusTotal analysis confirms 11 out of 95 security vendors have flagged this domain as malicious, with a presence on 1 blocklist coordinated by OpenPhish, a recognized phishing intelligence feed. While the domain uses a valid Let’s Encrypt SSL certificate, this alone does not indicate trustworthiness, as threat actors routinely abuse free certificates for legitimacy signaling. The registration mechanism via GitHub Pages allows threat actors to rapidly deploy spoofed landing pages without direct domain ownership, increasing operational speed and evasiveness.  Given its confirmed credential harvesting intent, users are strongly advised to avoid interacting with any login forms or input fields on this page. Organizations should block this domain at network and DNS levels. If credentials were accidentally submitted, users must immediately reset passwords, enable multi-factor authentication, and monitor for signs of credential stuffing or account compromise. Always verify URLs visually and use bookmarks rather than links for sensitive logins. Report this domain to your security team or via platforms like OpenPhish for collective defense.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/61c2ad6d-f6b8-445a-8f24-dfba84bfdd32
- PhishDestroy: https://phishdestroy.io/domain/suguna-ayyappan.github.io/
- LLM endpoint: https://phishdestroy.io/domain/suguna-ayyappan.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/suguna-ayyappan.github.io/
Last updated: 2026-03-29