# meetasxlogiin.gitbook.io — MALICIOUS

> Meetasxlogiin.gitbook.io impersonated MetaMask to steal data. The site is now offline. Avoid engagement and verify official sources for login.

## Summary
PhishDestroy has identified meetasxlogiin.gitbook.io as a high-risk brand impersonation domain targeting MetaMask users. The domain was designed to mimic the MetaMask login page, aiming to deceive users into divulging sensitive credentials. Such phishing attempts pose significant threats to cryptocurrency security and user assets.

The domain was registered through Cloudflare, Inc. and resolved to IP address 172.64.147.209. Despite its creation date being March 30, 2014, the site’s malicious use was recently flagged, with 13 out of 95 VirusTotal security engines marking it as suspicious. Additionally, the domain appeared on three separate security blocklists, confirming its involvement in harmful activity.

Currently, meetasxlogiin.gitbook.io is offline, reducing immediate risk to users. PhishDestroy recommends that users remain vigilant by avoiding suspicious links and always verifying URLs before entering credentials. For safe access, users should only log into MetaMask through verified official channels to prevent falling victim to similar threats. Monitoring such domains continues to be critical in maintaining digital asset security.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: MetaMask
- Page title: MetaMask® Login | Official Website | us

## Domain Intelligence
- Registered: 2014-03-30 06:09:09
- Expires: 2026-03-30 06:09:09
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.64.147.209
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dahlia.ns.cloudflare.com hugh.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199e351-db56-74ac-a685-6075413290a8.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4f2e07fb-9c03-42e8-8e4b-aaa0196989f7
- Wayback Machine: https://web.archive.org/web/https://meetasxlogiin.gitbook.io
- PhishDestroy: https://phishdestroy.io/domain/meetasxlogiin.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/meetasxlogiin.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/meetasxlogiin.gitbook.io/
Last updated: 2026-03-19