# bilalur03.github.io — MALICIOUS > bilalur03.github.io is a high-risk GitHub Pages phishing site mimicking login portals. Flagged by 19 of 95 VirusTotal vendors, it lures users into credential. ## Summary PhishDestroy identifies bilalur03.github.io as a high-risk generic phishing domain actively impersonating legitimate login interfaces to harvest user credentials. The domain is currently live and flagged by multiple threat intelligence systems, posing an immediate risk to unsuspecting visitors. No specific brand impersonation is confirmed beyond standard social engineering tactics. This domain was flagged by 19 of 95 VirusTotal security vendors, blocked by OpenPhish, and listed on 1 security blocklist. Registered through GitHub, Inc. via GitHub Pages, it resolves to IP 185.199.108.153 and is flagged by Google Safe Browsing under the SOCIAL_ENGINEERING category. The domain utilizes a valid Let's Encrypt SSL certificate, adding a false sense of legitimacy to deceive users. While the exact creation date is not provided, the aggregation of these indicators—particularly the VirusTotal detection ratio and multi-source blocking—confirms its malicious intent and operational status. Users should avoid interacting with bilalur03.github.io entirely due to the high risk of credential theft and malware exposure. Organizations are advised to block the domain at the network perimeter and update endpoint detection rules to flag visits to this URL. If accidental exposure occurs, users must immediately change passwords on all accounts using the same credentials and enable multi-factor authentication where available. Report the domain to your IT security team or file a complaint with Google Safe Browsing to aid in global threat mitigation. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 19 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7cedb863-a624-4114-be95-c41204219ddf - PhishDestroy: https://phishdestroy.io/domain/bilalur03.github.io/ - LLM endpoint: https://phishdestroy.io/domain/bilalur03.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bilalur03.github.io/ Last updated: 2026-03-31