# patrickstashh.cc — SUSPICIOUS

> Malicious patrickstashh.cc harvests login credentials. VirusTotal reports 1/95 detections. Review full risk report before clicking links.

## Summary
PhishDestroy identifies an actively deployed credential-harvesting domain masquerading as a personal storage service at patrickstashh.cc.  This domain, registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on August 13, 2023, resolves to IP address 172.67.182.36 and presents an SSL certificate issued by Google Trust Services to appear trustworthy. VirusTotal already flags it with 1 positive detection out of 95 participating security vendors, underscoring its hazardous nature. The domain remains unlisted on major public blocklists, indicating it has evaded broad detection while actively victimizing visitors. Registration timing, infrastructure choice, and certificate validation tactics align with modern phishing kits designed for rapid deployment and low overhead.  Risk is elevated due to the combination of a newly created domain, premium SSL masking, and low but existing antivirus coverage. The absence on mainstream blocklists suggests the campaign may be narrowly targeted or still in early propagation, giving it a window to harvest credentials before widespread takedown. Attackers often leverage such domains in spam emails, fake login portals, or impersonation pages to trick users into surrendering passwords or payment details.  Users who visited patrickstashh.cc should immediately check browser history for saved credentials, change reused passwords on other sites, and run a full antivirus scan. If any form was completed or credentials entered, treat them as compromised and revoke access immediately. Report the domain to your security team and network administrators for blocking. Monitor financial accounts closely for unauthorized transactions. Do not re-enter any data on this domain—it is a credential-harvesting trap deployed as of August 2023.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2023-08-13 17:02:48
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.182.36

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3a21caf5-88fd-49c8-84fa-764016c5513d
- PhishDestroy: https://phishdestroy.io/domain/patrickstashh.cc/
- LLM endpoint: https://phishdestroy.io/domain/patrickstashh.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/patrickstashh.cc/
Last updated: 2026-03-26