# uday-raj-gupta.github.io — MALICIOUS

> GitHub-hosted domain uday-raj-gupta.github.io is a credential-harvesting scam flagged by 16/95 VirusTotal engines and Google Safe Browsing for social.

## Summary
PhishDestroy identifies uday-raj-gupta.github.io as an active credential-harvesting domain leveraging GitHub Pages to impersonate a legitimate service and steal user credentials. The site poses as a file-sharing or document portal, deploying a generic drainer kit to capture login details and session tokens. No specific brand is mimicked in known intelligence, indicating an opportunistic campaign targeting unsuspecting users under the guise of a professional GitHub-hosted page. 


Technical indicators confirm this domain as malicious: VirusTotal reports a detection ratio of 16/95 security vendors, while Google Safe Browsing classifies it under SOCIAL_ENGINEERING. Resolving to IP 185.199.108.153, the domain is registered through GitHub, Inc. and secured with a Let's Encrypt SSL certificate. The unique seed identifier 9dd219 corresponds to this confirmed threat profile. 


This domain remains active and poses a high risk to users who interact with its fraudulent login forms. PhishDestroy recommends immediate blocking of the domain and IP address. Users who have entered credentials should change passwords on all accounts and enable multi-factor authentication. Remaining risk is high due to the domain’s continued availability and the drainer kit’s potential to harvest further sensitive data.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/uday-raj-gupta.github.io
- PhishDestroy: https://phishdestroy.io/domain/uday-raj-gupta.github.io/
- LLM endpoint: https://phishdestroy.io/domain/uday-raj-gupta.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/uday-raj-gupta.github.io/
Last updated: 2026-04-09