# home-eigeeenlayer.gitbook.io — SUSPICIOUS > PhishDestroy identifies home-eigeeenlayer.gitbook.io as a live credential-harvesting site first seen 30-Mar-2024. ## Summary PhishDestroy has opened an active investigation into home-eigeeenlayer.gitbook.io after confirming it is currently hosting a phishing landing page designed to trick visitors into submitting sensitive login credentials. The page impersonates a legitimate GitBook workspace, capitalizing on user trust in the platform to steal usernames, passwords, and sometimes multi-factor authentication codes. Security scans show the site remains undetected by 0 out of 95 antivirus engines on VirusTotal at the time of analysis. This domain was registered through Cloudflare, Inc. on March 30, 2014—a full decade ago—indicating long-term ownership rather than a rushed one-off campaign. The site resolves to IP address 104.18.40.47 and holds a valid SSL certificate issued by Google Trust Services, which helps it blend in with legitimate encrypted traffic and evade detection layers that disregard HTTPS domains. Its age and clean infrastructure suggest deliberate, low-and-slow operations aimed at high-value targets. If you visited home-eigeeenlayer.gitbook.io, assume your credentials or session tokens were exposed. Immediately change passwords on all accounts where you reused that password, enable multi-factor authentication where available, and run a full antivirus scan on your device. Alert your IT team or security provider with the domain, IP address 104.18.40.47, and timestamp of visit. Monitor financial and email accounts for unusual activity for at least 30 days. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2014-03-30 06:09:09 - Registrar: Cloudflare, Inc - IP: 104.18.40.47 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/home-eigeeenlayer.gitbook.io - PhishDestroy: https://phishdestroy.io/domain/home-eigeeenlayer.gitbook.io/ - LLM endpoint: https://phishdestroy.io/domain/home-eigeeenlayer.gitbook.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/home-eigeeenlayer.gitbook.io/ Last updated: 2026-04-10