# sahilkhanna82.github.io — MALICIOUS

> Domain sahilkhanna82.github.io hosts a crypto drainer mimicking brands; flagged by OpenPhish and 7/95 scanners.

## Summary

Domain sahilkhanna82.github.io is an active crypto-draining phishing site flagged by PhishDestroy with elevated risk. This GitHub-hosted page impersonates a brand to trick users into connecting crypto wallets and drains assets via malicious JavaScript. The landing page likely mimics a legitimate service interface to harvest private keys or seed phrases, triggering pre-built drainer kits when wallets are linked. This campaign follows recent incidents where threat actors abuse GitHub Pages to host obfuscated drainer scripts under plausible usernames, leveraging free hosting for low operational cost.

PhishDestroy identifies exact technical indicators: VirusTotal detection at 7/95 security vendors (notably including OpenPhish), resolving to IP 185.199.108.153 via GitHub’s infrastructure. The domain was registered through GitHub, Inc., utilizing a Let’s Encrypt SSL certificate for spoofed legitimacy. This domain appears on 1 security blocklist and has no public creation date due to GitHub’s ephemeral page model—sites are created ad-hoc and can be taken down rapidly. The low blocklist count suggests recent deployment and limited historical tracking, increasing risk of undetected exposure. Registrar transparency is obscured behind GitHub Pages, a known tactic to reduce attribution.

Current status is active as of seed 8fce65, with OpenPhish and 7 scanners blocking distribution. GitHub has not yet suspended the repository, indicating a short detection window. Immediate user action is required: avoid visiting sahilkhanna82.github.io, verify any crypto-related links via PhishDestroy, and revoke unnecessary wallet connections.

Remaining risk is elevated due to active hosting, free infrastructure abuse, and low historical flagging—users interacting with crypto interfaces must treat this domain as hostile until confirmed resolved. PhishDestroy continues to monitor and recommends reporting any encounters.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 7 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hit
  Lists: ["OpenPhish"]

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/1d311418-ed22-4fd0-95a2-bc58302fa08a
- PhishDestroy: https://phishdestroy.io/domain/sahilkhanna82.github.io/
- LLM endpoint: https://phishdestroy.io/domain/sahilkhanna82.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/sahilkhanna82.github.io/

Last updated: 2026-03-29