# harshbagwan.github.io — SUSPICIOUS > Be aware: harshbagwan.github.io hosts a crypto drainer scam that steals wallet credentials. Avoid this page immediately. Verify safety on PhishDestroy. ## Summary PhishDestroy identifies harshbagwan.github.io as a live crypto drainer scam site actively harvesting cryptocurrency wallet credentials from unsuspecting users. The domain masquerades as a legitimate GitHub Pages instance while serving malicious JavaScript intended to drain victim wallets upon wallet connection. Threat actors leverage GitHub’s trusted infrastructure to host the payload, increasing the likelihood of successful deception. Initial engagement typically occurs through phishing emails or social media links pointing to the site. This domain was flagged by security vendors including OpenPhish and OISD, with Google Safe Browsing classifying it under SOCIAL_ENGINEERING. Current VirusTotal analysis shows 0/95 detection engines flagging the URL, indicating a newly launched or rapidly evolving threat. The site resolves to IP 185.199.108.153 and uses a Let's Encrypt SSL certificate to appear legitimate. Registered via GitHub, Inc., the domain has been flagged twice across independent threat intelligence feeds, suggesting rapid uptake by attackers. If you’ve visited harshbagwan.github.io, disconnect any connected cryptocurrency wallets immediately and revoke any unauthorized permissions. Do not re-enter credentials or connect wallets on this domain. Run a full system scan with updated antivirus software. Report the domain to PhishDestroy using the unique seed a4ec2d for network defense collaboration. Monitor wallet transactions closely for unauthorized transfers. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 2 hits Lists: ["OpenPhish", "OISD"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/harshbagwan.github.io - PhishDestroy: https://phishdestroy.io/domain/harshbagwan.github.io/ - LLM endpoint: https://phishdestroy.io/domain/harshbagwan.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/harshbagwan.github.io/ Last updated: 2026-04-04