# get-mtamskwallet.pages.dev — MALICIOUS

> get-mtamskwallet.pages.dev is a high-risk crypto drainer domain flagged for phishing. Avoid this site and verify before interacting with crypto wallets.

## Summary
PhishDestroy identifies get-mtamskwallet.pages.dev as a crypto drainer domain designed to steal cryptocurrency assets from unsuspecting users. This type of threat is critical as it can lead to significant financial loss.

The domain was created recently on February 21, 2026, registered via Cloudflare, Inc., and resolves to IP 172.66.44.109. It appeared on multiple security blocklists and is flagged by Google Safe Browsing for social engineering, with VirusTotal detecting suspicious activity. Currently, the site is offline.

Users should avoid visiting get-mtamskwallet.pages.dev and never enter private keys or sensitive wallet credentials on suspicious sites. Always verify URLs carefully and use trusted security solutions to protect crypto holdings.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.109
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["graham.ns.cloudflare.com", "nora.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a7caa-0b20-767b-a723-b61a607741ab.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a2239464-cb33-4299-82b6-e3ba4ddac3f9
- PhishDestroy: https://phishdestroy.io/domain/get-mtamskwallet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/get-mtamskwallet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/get-mtamskwallet.pages.dev/
Last updated: 2026-03-19