# hiya82p.github.io — MALICIOUS > PhishDestroy identifies hiya82p.github.io as an active credential theft phishing page targeting users. This GitHub-hosted domain has 15/95 VirusTotal detections. ## Summary PhishDestroy identifies hiya82p.github.io as a credential theft phishing domain active in the wild. This GitHub Pages-hosted site masquerades as a legitimate service to harvest user login credentials. No crypto drainer kit or brand impersonation is detected in current samples, indicating a focused campaign on credential harvesting. The domain leverages GitHub’s infrastructure to evade traditional URL filtering, relying on user trust in the platform. Technical indicators confirm elevated risk. The domain resolves to IP 185.199.108.153 and was registered via GitHub, Inc. VirusTotal shows 15/95 security vendors flag this domain as malicious. It is listed on 1 public blocklist and remains unflagged by Google Safe Browsing. A Let's Encrypt SSL certificate lends superficial legitimacy. The lack of blocklist coverage and high-risk indicators suggest ongoing deployment against unsuspecting users. This domain remains active with no takedown action reported. Users should avoid interaction and organizations should blocklist at DNS and network levels. Remaining risk is elevated due to GitHub’s trusted domain reputation and the absence of widespread blocklist coverage. Immediate response is required to prevent credential compromise. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 15 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/685c04b2-d487-486a-a09e-39b877bd833c - PhishDestroy: https://phishdestroy.io/domain/hiya82p.github.io/ - LLM endpoint: https://phishdestroy.io/domain/hiya82p.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/hiya82p.github.io/ Last updated: 2026-03-27