# zuhair246.github.io — MALICIOUS > zuhair246.github.io is a credential harvesting scam flagged by 13 of 95 VirusTotal vendors, posing as a fake login portal. ## Summary PhishDestroy identifies zuhair246.github.io as a high-risk credential harvesting domain currently active and engaged in social engineering attacks. This GitHub-hosted page (zuair246.github.io) resolves to IP 185.199.108.153 and is flagged by Google Safe Browsing for SOCIAL_ENGINEERING tactics, indicating it is designed to deceive users into submitting sensitive information through fake login interfaces. With 13 out of 95 security vendors on VirusTotal detecting malicious activity, this domain represents a clear threat to user privacy and account security. This domain was flagged by OpenPhish and included on 1 security blocklist due to its use of spoofed interfaces. Registered through GitHub, Inc., it leverages a Let's Encrypt SSL certificate to appear legitimate, exploiting user trust in HTTPS connections. VirusTotal’s 13/95 vendor detection rate highlights its malicious nature, and Google’s SOCIAL_ENGINEERING classification confirms it is used to manipulate users into divulging credentials or personal data under false pretenses. If you visited zuhair246.github.io, do not enter any login details or personal information. Immediately change passwords for any accounts you may have submitted, enable multi-factor authentication where possible, and scan your device for malware. Report the domain to your IT team or security provider, and avoid clicking any links from unsolicited emails or messages associated with this page. Monitor financial and account activity closely for signs of unauthorized access. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 13 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/5d0763df-0ed4-4a3f-bab1-9427f2af6ae5 - PhishDestroy: https://phishdestroy.io/domain/zuhair246.github.io/ - LLM endpoint: https://phishdestroy.io/domain/zuhair246.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/zuhair246.github.io/ Last updated: 2026-03-29