# metmskzlogun.gitbook.io — MALICIOUS

> Metmskzlogun.gitbook.io is a medium-risk phishing site. Avoid entering personal info and report suspicious activity immediately.

## Summary
PhishDestroy identifies metmskzlogun.gitbook.io as an active phishing domain posing a medium-level risk. The site mimics legitimate login portals, using deceptive page titles like “M𝐞tåMäsk® !Sign_IN | Log_In” to trick users into submitting sensitive credentials. This tactic is consistent with generic phishing attacks aimed at credential theft.

The domain was registered recently on March 12, 2026, and resolves to the IP address 172.64.147.209. It has been flagged by 7 out of 95 security vendors on VirusTotal and appears on two notable security blocklists, indicating verified suspicion. The hosting infrastructure is linked to a GitBook subdomain, a platform sometimes abused for phishing due to its free hosting capabilities.

Currently, the domain remains active and continues to pose a threat to users. PhishDestroy strongly advises avoiding any interaction with metmskzlogun.gitbook.io, refraining from inputting personal or login information, and reporting any encounters with the site to appropriate security teams. Users should also ensure their devices have updated security software to mitigate potential risks.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: M𝐞tåMäsk® !Sign_IN | Log_In

## Domain Intelligence
- Registered: 2026-03-12 13:07:01
- IP: 172.64.147.209
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "Emsisoft", "Kaspersky", "Netcraft", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ceffa-6120-70ec-a348-7323f021c358.png
- PhishDestroy: https://phishdestroy.io/domain/metmskzlogun.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/metmskzlogun.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metmskzlogun.gitbook.io/
Last updated: 2026-03-19