# a.gobookroom.com — MALICIOUS > a.gobookroom.com is a credential theft phishing domain flagged by 21 security vendors on VirusTotal. This domain, registered through GoDaddy, is actively. ## Summary PhishDestroy identifies a.gobookroom.com as a credential theft phishing domain actively impersonating legitimate services to harvest user credentials. This domain mimics the branding of popular platforms, luring victims into entering sensitive login information on fraudulent login pages. The threat actor behind this campaign leverages deceptive subdomains and convincing page layouts to increase the likelihood of successful credential capture. Historical intelligence suggests this infrastructure may be part of a broader campaign targeting enterprise and individual users alike. Technical indicators confirm the malicious nature of a.gobookroom.com. VirusTotal analysis reveals a 21/95 detection ratio, with OpenPhish and PhishingArmy actively blocking access to the domain. The domain was registered through GoDaddy.com, LLC on October 26, 2025, and resolves to IP address 102.223.72.62. The SSL certificate, issued by TrustAsia Technologies, Inc., further obfuscates malicious activities by providing a veneer of legitimacy. Additionally, this domain appears on two security blocklists, reinforcing its elevated risk profile. The current status of a.gobookroom.com remains active, with no evidence of takedown as of this report. Given the elevated risk level and active distribution, users are strongly advised to avoid interacting with this domain or any associated subdomains. Immediate mitigation steps include blocking the domain at the network and DNS levels, updating phishing blocklists, and educating users about the risks of credential theft campaigns. The remaining risk is high due to the domain’s recent creation, active distribution, and partial detection coverage, suggesting a need for heightened vigilance and proactive threat hunting. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-10-26 05:19:13 - Registrar: GoDaddy.com, LLC - IP: 102.223.72.62 ## Detection Status - VirusTotal: 21 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["OpenPhish", "PhishingArmy"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/fe66fa58-df01-408f-b7f9-8703c056e610 - PhishDestroy: https://phishdestroy.io/domain/a.gobookroom.com/ - LLM endpoint: https://phishdestroy.io/domain/a.gobookroom.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/a.gobookroom.com/ Last updated: 2026-04-12