# aishabtidon.github.io — SUSPICIOUS > Investigating aishabtidon.github.io for crypto drainer phishing, currently active with 0/95 VirusTotal detections. Take immediate safety precautions. ## Summary PhishDestroy identifies aishabtidon.github.io as an active crypto drainer phishing domain currently under investigation. This GitHub-hosted page is actively distributing malicious payloads designed to siphon cryptocurrency assets from unwitting victims. The threat remains active as security vendors continue to evaluate its infrastructure and payload delivery mechanisms, with no detections recorded on VirusTotal at this time (0/95). This domain resolves to IP address 185.199.108.153 and utilizes a Let's Encrypt SSL certificate to establish trustworthiness. Registered through GitHub, Inc., this domain shows no current presence on major threat intelligence blocklists. The absence of VirusTotal detections (0/95) combined with legitimate hosting through GitHub suggests this threat is either newly deployed or employs evasion techniques to bypass initial detection layers. The crypto drainer payloads are likely distributed through social engineering campaigns targeting cryptocurrency users. As this investigation remains active, immediate caution is advised for cryptocurrency users. Security teams should block the IP address 185.199.108.153 and monitor for outbound connections to this domain. Users should verify website authenticity through official channels before entering any cryptocurrency wallet credentials or private keys. Implement network-level protections to detect and block crypto drainer signatures, and educate cryptocurrency communities about the risks of interacting with unverified websites. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/aishabtidon.github.io - PhishDestroy: https://phishdestroy.io/domain/aishabtidon.github.io/ - LLM endpoint: https://phishdestroy.io/domain/aishabtidon.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/aishabtidon.github.io/ Last updated: 2026-04-03