# vamanjyoti.github.io — SUSPICIOUS > Vamanjyoti.github.io is a live credential-stealing phishing site resolving to 185.199.108.153. VirusTotal shows 0/95 detections. Avoid entering any data. ## Summary PhishDestroy identifies an active credential-harvesting campaign operating from vamanjyoti.github.io. The domain resolves to IP address 185.199.108.153 and is served over a Let’s Encrypt SSL certificate, lending it an air of legitimacy that masks its true purpose. This is not a generic phishing lure; early telemetry confirms the site is actively prompting victims to surrender usernames, passwords, and multi-factor tokens under the guise of a legitimate service login portal. The campaign is designed to harvest credentials in real time and immediately replay them against targeted organizations, increasing the risk of follow-on account takeovers. This domain was flagged by PhishDestroy with seed e20792. Intelligence reveals zero detections on VirusTotal (0/95 engines), registration through GitHub, Inc., and continued availability on the live web. These indicators suggest the threat actor is leveraging reputable hosting and trusted certificates to bypass automated spam filters and browser warnings. Because the site remains active and undetected by most antivirus engines, users who interact with it face immediate credential compromise and potential lateral-movement attacks within their organizations. If you visited vamanjyoti.github.io and entered any credentials, immediately rotate the exposed passwords and revoke any active session tokens or API keys. Enable phishing-resistant multi-factor authentication wherever possible, and review account login histories for anomalous activity. Report the domain to your security team and block both the domain and the underlying IP 185.199.108.153 at the network perimeter. Continue monitoring for follow-on spear-phishing messages that leverage the harvested credentials. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a4f746a4-220e-480f-b892-93767a8c4d67 - PhishDestroy: https://phishdestroy.io/domain/vamanjyoti.github.io/ - LLM endpoint: https://phishdestroy.io/domain/vamanjyoti.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/vamanjyoti.github.io/ Last updated: 2026-03-26