# varunvarunsr05-cp.github.io — SUSPICIOUS

> Beware: varunvarunsr05-cp.github.io is a crypto drainer fake login page flagged by Google Safe Browsing.

## Summary
PhishDestroy identifies varunvarunsr05-cp.github.io as an active fake login phishing domain currently distributing a cryptocurrency drainer. The site mimics legitimate login interfaces to harvest credentials and initiate unauthorized transactions. Security teams should treat this as an elevated threat due to its active status and confirmed malicious behavior.  

This domain was flagged by 4 of 95 VirusTotal vendors, blocked by Google Safe Browsing under the SOCIAL_ENGINEERING category, and registered through GitHub, Inc. The infrastructure resolves to IP 185.199.111.153 and utilizes a Let's Encrypt SSL certificate to appear legitimate. With 4 security vendors flagging it and no trust scores available, this domain exhibits high-risk characteristics typical of credential harvesting campaigns.  

Organizations should immediately block varunvarunsr05-cp.github.io at the network perimeter and warn users against interacting with the domain. Users who may have entered credentials should revoke any session tokens and monitor accounts for suspicious transactions. PhishDestroy users are advised to report this domain to enhance collective threat intelligence.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.111.153

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1d8c3902-fe98-41e9-ad4d-26c46a42d5f5
- PhishDestroy: https://phishdestroy.io/domain/varunvarunsr05-cp.github.io/
- LLM endpoint: https://phishdestroy.io/domain/varunvarunsr05-cp.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/varunvarunsr05-cp.github.io/
Last updated: 2026-04-12