# new-bitmert--sso.gitbook.io — MALICIOUS

> new-bitmert--sso.gitbook.io is flagged for phishing risks. Avoid entering personal info and verify site authenticity before proceeding.

## Summary
PhishDestroy identifies new-bitmert--sso.gitbook.io as a high-risk domain involved in generic phishing activity. Phishing sites like this aim to trick users into revealing sensitive details such as passwords, credit card numbers, or login credentials by pretending to be legitimate services. The site was created in 2014 and is registered via Cloudflare, which can sometimes be used by malicious actors to mask their identity.

This phishing attempt works by mimicking a legitimate sign-in page, likely targeting users of an online service. When users visit the site, they may be prompted to input confidential information under false pretenses. The domain's IP address (172.64.147.209) is linked to Cloudflare’s network, a common tactic to hide the actual server location and complicate takedown efforts. VirusTotal flags this domain by multiple security vendors, further confirming its malicious intent.

If you have visited new-bitmert--sso.gitbook.io, avoid entering any personal information and do not download any files from the site. If you already provided sensitive data, immediately change passwords for related accounts and enable two-factor authentication where possible. Run a full antivirus scan on your device and remain vigilant for suspicious emails or messages requesting further information. Reporting the site to your organization's IT or security team can help protect others from falling victim to this scam.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: BitMart® Login® | Log in to your BitMart® Exchange

## Domain Intelligence
- Registered: 2026-03-10 13:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.64.147.209
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dahlia.ns.cloudflare.com hugh.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd542-adeb-728a-bf45-5e9263ef93a3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/5d8c78fb-0a44-4778-b0bf-8ec4b20154d4
- PhishDestroy: https://phishdestroy.io/domain/new-bitmert--sso.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/new-bitmert--sso.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/new-bitmert--sso.gitbook.io/
Last updated: 2026-03-19