# madhaavvvv.github.io — MALICIOUS

> GitHub-hosted domain madhaavvvv.github.io is distributing fake login pages. 14/95 VirusTotal engines flag it. Check the full report.

## Summary
PhishDestroy identifies madhaavvvv.github.io as an active credential-harvesting page posing as a GitHub login portal. The site is engineered to trick visitors into submitting usernames and passwords that are immediately exfiltrated to attacker-controlled servers. Once harvested, stolen credentials are typically reused against high-value targets or sold on underground forums within hours of collection.

This domain was flagged by 14 out of 95 VirusTotal security vendors and is served from IP 185.199.108.153 via a Let’s Encrypt certificate. It was registered through GitHub, Inc., indicating no traditional WHOIS record is publicly available, a common tactic used to delay takedown efforts and obscure true ownership. The combination of legitimate hosting (GitHub Pages) and low detection initially lowers user suspicion, increasing the chance of successful compromise.

If you visited madhaavvvv.github.io, assume credentials entered were compromised. Immediately rotate all passwords used on that page, enable two-factor authentication on every account, and scan local devices with updated antivirus software. Report any suspicious logins to the relevant service provider and consider revoking GitHub OAuth tokens linked to the affected account. Monitor financial and email accounts for signs of secondary compromise over the next 30 days.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8c2eedc0-1cdd-4a6c-841d-8d4c48df8913
- PhishDestroy: https://phishdestroy.io/domain/madhaavvvv.github.io/
- LLM endpoint: https://phishdestroy.io/domain/madhaavvvv.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/madhaavvvv.github.io/
Last updated: 2026-03-26