# facebookweb.github.io — MALICIOUS > facebookweb.github.io impersonates Facebook to steal credentials. Flagged by 10 of 95 VirusTotal vendors, this GitHub-hosted scam resolves to IP 185.199.108.153. ## Summary PhishDestroy identifies facebookweb.github.io as an active brand impersonation threat targeting Facebook users. The domain mimics Facebook's login interface to harvest credentials and deploy malware. According to current intelligence, this site remains operational and poses a significant security risk to unaware visitors. This domain was flagged by 10 of 95 VirusTotal vendors, indicating partial detection by security systems. Registered through GitHub, Inc., it resolves to IP address 185.199.108.153, which has been associated with multiple phishing campaigns. The Let's Encrypt SSL certificate provides a false sense of security, while the GitHub hosting infrastructure complicates takedown efforts. Recent analysis shows consistent activity since initial detection, with no signs of remediation despite multiple security alerts. Users should immediately avoid accessing this domain and verify any Facebook login pages through official sources only. Organizations should implement DNS-based blocking for facebookweb.github.io and monitor network traffic for connections to 185.199.108.153. Report this domain to Facebook's abuse team and your organization's security provider. Exercise caution with any unsolicited links claiming to be Facebook login pages, as legitimate Facebook domains follow strict naming conventions through facebook.com. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Facebook ## Domain Intelligence - Registrar: GitHub, Inc. - IP: 185.199.108.153 ## Detection Status - VirusTotal: 10 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/15e6efa0-c363-4748-b52d-853349a7b4f0 - PhishDestroy: https://phishdestroy.io/domain/facebookweb.github.io/ - LLM endpoint: https://phishdestroy.io/domain/facebookweb.github.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/facebookweb.github.io/ Last updated: 2026-04-01