# xsahilpatil.github.io — MALICIOUS > xsahilpatil.github.io is a credential theft phishing site targeting users. 15/95 VirusTotal engines flag it. Avoid this domain now. ## Summary PhishDestroy identifies xsahilpatil.github.io as an active credential theft phishing domain designed to steal user login details and sensitive information. This malicious site poses a significant risk to unsuspecting visitors, particularly those who may interact with forms or input fields on the page. The threat actor behind this operation leverages deceptive tactics to impersonate legitimate services, tricking users into submitting their credentials directly to the attacker-controlled server. Once harvested, this stolen data can be used for unauthorized account access, identity theft, or sold on dark web markets, leading to financial loss and reputational damage for victims. This domain was flagged by 15 out of 95 security vendors on VirusTotal, indicating a high likelihood of malicious activity. It resolves to IP address 185.199.108.153 and utilizes a Let's Encrypt SSL certificate to appear legitimate. Registered through GitHub, Inc., this domain is hosted on a trusted platform but has been weaponized for malicious purposes. The combination of a high VirusTotal detection rate and the use of a legitimate hosting provider like GitHub underscores the sophisticated nature of this threat, as attackers often exploit reputable services to evade traditional security measures. If you have visited xsahilpatil.github.io, immediately check your accounts for any suspicious activity, especially those linked to email, banking, or social media platforms. Change passwords for affected accounts using a different device, and enable multi-factor authentication where available. Scan your device for malware using reputable antivirus software, and avoid entering any personal or financial information on unknown websites. Report the domain to your IT administrator or cybersecurity team if it appears in work-related contexts. Stay vigilant and verify the authenticity of websites before submitting sensitive data to protect yourself from credential theft and other cyber threats. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 15 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/xsahilpatil.github.io - PhishDestroy: https://phishdestroy.io/domain/xsahilpatil.github.io/ - LLM endpoint: https://phishdestroy.io/domain/xsahilpatil.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/xsahilpatil.github.io/ Last updated: 2026-04-07