MalwareTips
Security Review

Is gitbook.io legit or a scam?

Our verdict:Safe· 90/100

GitBook is a reputable documentation-as-code platform with high traffic and established business operations in the United States.

Why we trust it
Operated by a legitimate US company (GitBook INC.) founded in 2012.Maintains SOC 2 and ISO 27001 security compliance standards.High global traffic volume and widespread use by reputable open-source projects.
gitbook.ioScanned 1h ago
Post Facebook
0
Trust score
SAFE
Heuristics 94·MT 88
Warning signals (1)
Redirects to another domain
View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
Registration date unknown
MT Intelligence
Safe
Low likelihood · 95% confidence
SAFE

No threats detected

All checks passed. This site appears legitimate — but always stay alert for phishing even on trusted domains.

Website Preview

Screenshot of gitbook.io
LIVE RENDER
gitbook.io

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Low scam likelihoodengineMT · Guardiantrust88/100
MT AgentLive web researchVisual inspection
0%
Confidence
The domain is the official hosting infrastructure for GitBook, a well-known knowledge management tool founded in 2012. Our analysis confirms it is operated by a legitimate US-based corporation with active business registrations and industry-standard security certifications like SOC 2. The site maintains a high global traffic rank and is widely recommended on professional review platforms. Although some malicious actors abuse the free hosting tier to create phishing pages on subdomains, the core platform and its infrastructure are trustworthy. We found no evidence of malicious intent from the platform operators themselves.
Full dossier
Analysis complete

Page Content

The page serves as the primary landing site for a professional documentation platform, featuring clear product descriptions, enterprise pricing, and integration details. It utilizes modern web frameworks and loads resources from verified internal and analytics domains.

Infrastructure

The site is hosted on high-reputation infrastructure with a valid SSL certificate issued by Google Trust Services. It shows significant global traffic consistent with a major technology service provider.

Domain History

The domain has a long-standing history and is the established home for GitBook's user-generated documentation. It is linked to a verified business entity, GitBook INC., which has been active for over a decade.

Web Reputation

Independent review aggregators and professional software communities consistently rate the service highly for team collaboration. While security researchers have noted that phishers occasionally use the platform's subdomains for lures, these are external abuses of a legitimate service rather than a flaw in the platform itself.
Risk Factors
3
  • The platform's free hosting tier is frequently targeted by phishers to host fake crypto wallet lures.
  • Individual subdomains (*.gitbook.io) may contain content not vetted by the platform operators.
  • Some users have reported dissatisfaction with recent pricing and feature gating changes.
Positive Signals
4
  • Operated by a legitimate US company (GitBook INC.) founded in 2012.
  • Maintains SOC 2 and ISO 27001 security compliance standards.
  • High global traffic volume and widespread use by reputable open-source projects.
  • Clean scan results across more than 90 antivirus engines.
AI Recommendation
The platform is safe to use for documentation and knowledge sharing. Always verify the specific subdomain and content if you are redirected to a GitBook page from an unsolicited message.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for gitbook.io, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
Active · USA
Site traces back to an actively registered business.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
2 scam reports · 3 complaints · 3 positive
Key findings
7 headline facts from open-web research
  • gitbook.io is the official hosting domain for GitBook's user-created documentation sites; the company's main site is www.gitbook.com.
  • GitBook INC. lists physical address in Covina, CA and EIN 320502699 on its official pages; company founded in 2012, ~38 employees, offers SOC 2 / ISO 27001 compliance.
  • The free tier on GitBook is frequently abused by phishers to host AI-generated lure sites impersonating crypto wallets (Trezor, MetaMask, etc.), with numerous *.gitbook.io subdomains flagged as phishing.
  • No direct scam reports against the gitbook.io platform itself; complaints center on pricing changes, feature gating, and rising costs for the GitBook service (Trustpilot ~1.9/5 in some reports).
  • Widely used for legitimate technical documentation (open-source projects, companies, tutorials); positive mentions on Reddit, G2, and review sites as a docs-as-code / knowledge base tool.
  • Netcraft reported in 2024 that phishers create sophisticated, content-heavy lure sites on the platform due to easy signup with only an email.
  • PitchBook and LinkedIn confirm US-based operations in California with no indications of dissolution.
Scam reports (2)
Direct quotes from public scam databases, forums, and news.
  • Netcraftopen

    "These lure sites are hosted on Gitbook, a documentation platform that targets software developers and offers a free tier requiring only an email address to sign up."

  • PhishDestroy / Gridinsoft / PCRisk / MalwareURLopen

    "Multiple subdomains such as helpstrezorhardwrewallet.gitbook.io, kukkulogin.gitbook.io, metamaskiologil-1.gitbook.io, memetamsksignn.gitbook.io, and us-robiihoodloginh.gitbook.io flagged as phishing lures or low trust (e.g. 3/100)."

Positive reviews (3)
Quotes indicating the site is legitimate.
  • GitBook.com / Testimonialsopen

    "“We view GitBook as a growth tool. If our docs are easy to use, our users will be successful and adopt our products.” — Trevor Lynn, Head of Marketing, Roboflow"

  • G2 / Review sitesopen

    "GitBook enables teams to easily manage, share and publish their knowledge through a documentation platform designed for the entire organization."

  • Almanac / Reviewopen

    "Gitbook is a versatile tool that allows for productive team collaboration in order to create an internal wiki... Gitbook is a good option for your online documentation needs."

Business registration
Status: active · USA

Operates as GitBook INC., address 440 N Barranca Ave #7171, Covina, CA 91723. EIN: 320502699 provided on site. Founded 2012, ~38-50 employees, headquartered in Covina, CA (LinkedIn/PitchBook). Compliance: SOC 2, ISO 27001, GDPR.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
Our research confirms that GitBook is a legitimate business based in California with a solid reputation on professional review sites like G2. While we found reports from security outlets like Netcraft regarding phishers abusing the platform to host fake crypto pages, these are isolated to specific subdomains. General consumer feedback is positive, though some users on independent review sites have expressed frustration with recent subscription price increases.

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious61Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerGoogle Trust Services · WE1
ExpiresSep 5, 2026 (71d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS
Web servercloudflare
Platform / CMSFramer 7bb32ee
PopularityTop 100k worldwide

Redirect Chain

Hops
2
Cross-domain
Yes
Lookalike
No
Punycode
No
  • 1301http://gitbook.io/
  • 2302https://gitbook.io/
  • 3200https://www.gitbook.com/cross-domain

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file4
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Still, stay alert

No major threat indicators — but a clean scan does not guarantee every page is safe, and phishing emails routinely spoof real domains.

  • Double-check the exact URL in your address bar

    Confirm you are actually on gitbook.io and not a lookalike like g-itbook.io.com or an IDN homoglyph.

  • Use a password manager

    Password managers only auto-fill on the exact domain they were saved for — they refuse to fill lookalike domains, which is the single best phishing defence.

  • Discuss this site on the forum

    If you have first-hand experience with this site — good or bad — share it with the MalwareTips community.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

framerusercontent.comframer.comgitbook.comcdn.amplitude.comjs.hs-scripts.comgoogletagmanager.comfonts.gstatic.comredditstatic.comevents.framer.comapp.gitbook.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review found no threat indicators on gitbook.io. The site appears legitimate based on the signals we checked, but always stay alert for phishing emails that spoof real domains.
  • gitbook.io passed our automated security checks with a trust score of 90/100. No antivirus engines or major blacklists flagged the site at the time of the last scan.
  • Yes. gitbook.io presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 71 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • No. All 92 antivirus engines in our malware network report gitbook.io as clean.
  • No. gitbook.io is not currently listed on the major browser blocklist feeds that modern browsers use.
  • gitbook.io resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • Yes. gitbook.io sits in the global top-100k on Cloudflare Radar, which means it has substantial real-world traffic. That does not automatically make it safe, but established brands almost always rank here and throwaway scam domains almost never do.
  • This is a permanent record of the scan run on June 25, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around gitbook.io have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·gitbook.io
SAFE

GitBook is a legitimate documentation platform used by thousands of software teams. While the platform itself is safe, users should be cautious of individual subdomains which are sometimes abused by third parties to host phishing content.

The platform is safe to use for documentation and knowledge sharing. Always verify the specific subdomain and content if you are redirected to a GitBook page from an unsolicited message.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Safe reports

Browse all reports
Safetrust95
rs6.net
1m ago
Read the review
Safetrust97
bbci.co.uk
1m ago
Read the review
Safetrust97
nicovideo.jp
1m ago
Read the review
Safetrust97
ripe.net
2m ago
Read the review
Safetrust97
handelsblatt.com
2m ago
Read the review
Safetrust96
mimecast.com
3m ago
Read the review
Safetrust96
macomnet.ru
55m ago
Read the review
Safetrust97
hrw.org
57m ago
Read the review
Safetrust95
blogspot.co.uk
57m ago
Read the review
Safetrust86
nic.video
57m ago
Read the review
Safetrust97
nobelprize.org
59m ago
Read the review
Safetrust95
thetimes.com
59m ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.