# harikalolla.github.io — SUSPICIOUS > PhishDestroy warns: harikalolla.github.io is a live crypto drainer (0/95 VT) mimicking crypto giveaways. Verify this site on PhishDestroy before clicking. ## Summary PhishDestroy identifies harikalolla.github.io as a live crypto drainer domain currently impersonating crypto giveaway pages to trick users into connecting wallets. The domain is hosted on GitHub Pages, making it appear legitimate at first glance, but the underlying infrastructure is configured to deploy a crypto drainer kit once a connection is initiated. Security researchers have begun tracking this domain due to its active distribution and low detection rates, suggesting it is a newly deployed threat. This domain was flagged by security systems after resolving to IP 185.199.108.153, a known GitHub Pages hosting range. The domain is registered through GitHub, Inc., which is consistent with legitimate GitHub Pages usage, but the actual content served is unauthorized. VirusTotal currently reports 0 out of 95 antivirus engines detecting any malicious content from this domain, indicating it has evaded detection by most scanners. It has been blocked by two major security blocklists: OpenPhish and OISD. The domain holds a valid SSL certificate issued by Let's Encrypt, which may help it bypass browser warnings for insecure sites. As of the latest assessment, harikalolla.github.io remains active and is currently serving malicious content. GitHub has not yet taken down the page despite reports, indicating a delay in response. PhishDestroy continues to monitor the domain and urges users to avoid interaction. The risk level remains under investigation due to the domain's low detection profile and active deployment. Users are strongly advised to verify any links from unknown sources on PhishDestroy before proceeding. Remaining risk: high exposure with low detection coverage. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["OpenPhish", "OISD"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/harikalolla.github.io - PhishDestroy: https://phishdestroy.io/domain/harikalolla.github.io/ - LLM endpoint: https://phishdestroy.io/domain/harikalolla.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/harikalolla.github.io/ Last updated: 2026-04-04