# metazxsdmaskmt.gitbook.io — MALICIOUS

> metazxsdmaskmt.gitbook.io is a fake login portal distributing malware. Flagged by 14/95 security vendors, this domain mimics legitimate services to steal.

## Summary
PhishDestroy identifies metazxsdmaskmt.gitbook.io as an active phishing domain hosting a fraudulent login portal designed to harvest user credentials. This domain specifically impersonates legitimate GitBook pages to deceive visitors into entering sensitive information such as usernames, passwords, or payment details. The attackers leverage a trusted SSL certificate issued by Google Trust Services to appear legitimate, while Cloudflare’s infrastructure obscures the true hosting location. Users attempting to access this domain are at elevated risk of credential theft, financial fraud, or malware infections.

This domain was flagged by 14 out of 95 security vendors on VirusTotal, indicating widespread detection of malicious activity. It is registered through Cloudflare, Inc., and resolves to IP address 172.64.147.209. The domain was created on March 30, 2014, and is currently blocked by OpenPhish, appearing on 1 security blocklist. These technical indicators confirm its malicious intent and operational status in phishing campaigns.

If you have visited metazxsdmaskmt.gitbook.io, immediately cease any interaction and avoid entering login credentials or personal information. Disconnect from the internet if possible, scan your device for malware using reputable antivirus software, and reset passwords for any accounts that may have been exposed. Report the domain to your IT security team or the platform it impersonates (e.g., GitBook) to aid in takedown efforts. Monitor financial accounts and enable two-factor authentication where available to mitigate potential damage.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2014-03-30 06:09:09
- Registrar: Cloudflare, Inc
- IP: 172.64.147.209

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/metazxsdmaskmt.gitbook.io
- PhishDestroy: https://phishdestroy.io/domain/metazxsdmaskmt.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/metazxsdmaskmt.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metazxsdmaskmt.gitbook.io/
Last updated: 2026-04-08