# fatmaciba-cpu.github.io — MALICIOUS

> fatmaciba-cpu.github.io is a credential phishing domain flagged by 14 of 95 VirusTotal vendors, hosted on GitHub Pages. Check the full report.

## Summary
fatmaciba-cpu.github.io — a domain actively leveraged for credential phishing attacks — remains in active circulation, according to recent threat intelligence assessments.

This GitHub-hosted site has been flagged by 14 out of 95 VirusTotal vendors as a credential harvesting front, with the IP address 185.199.108.153 serving as its host. Registered through GitHub, Inc., the domain resolves to a Let's Encrypt SSL certificate, adding a veneer of legitimacy to its phishing infrastructure. The malicious repository has accumulated reports across 14 security platforms and sits behind a GitHub Pages infrastructure, blending into the platform’s legitimate ecosystem.

With an elevated risk profile and confirmed active status, this domain poses a credible threat to users expecting safe GitHub content. Immediate action is advised: block all outbound connections to 185.199.108.153, flag the domain in DNS filtering rules, and flag the GitHub repository for takedown. Users are strongly encouraged to avoid clicking any links associated with fatmaciba-cpu.github.io and to verify source authenticity via secondary channels before entering credentials. Organizations should update firewall rules and SIEM alerts to detect and block traffic to this domain and associated IP, ensuring proactive defense against this credential phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7b1fc32d-1614-4b59-bb6b-a281503f261d
- PhishDestroy: https://phishdestroy.io/domain/fatmaciba-cpu.github.io/
- LLM endpoint: https://phishdestroy.io/domain/fatmaciba-cpu.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/fatmaciba-cpu.github.io/
Last updated: 2026-03-28