# home-metamaskdapp.pages.dev — MALICIOUS

> Avoid home-metamaskdapp.pages.dev — a high-risk phishing domain mimicking MetaMask. The site is offline but flagged for social engineering.

## Summary
PhishDestroy identifies home-metamaskdapp.pages.dev as a high-risk brand impersonation phishing domain targeting MetaMask users. Classified under brand_impersonation, this domain was designed to deceive users into believing they were interacting with the legitimate MetaMask service. The page title “Suspected phishing site | Cloudflare” and multiple security alerts highlight its malicious intent, emphasizing the risk to unsuspecting victims.

Technically, the domain was created recently on February 21, 2026, and is registered through Cloudflare, Inc. It resolves to IP address 172.66.46.220. Google Safe Browsing flags it for SOCIAL_ENGINEERING, and it appears on three separate security blocklists, reinforcing its threat status. VirusTotal analysis shows 13 out of 95 security vendors detect malicious activity linked to this domain, confirming its suspicious nature. The use of Cloudflare infrastructure suggests an attempt to leverage trusted services to mask its phishing operations.

Currently, home-metamaskdapp.pages.dev is offline, likely due to takedown efforts following detection. This removal limits immediate risk but does not eliminate the threat entirely, as the domain or similar variants could resurface. Users and researchers should remain cautious, avoiding any interaction with this domain or related URLs that impersonate MetaMask. PhishDestroy recommends maintaining updated security tools and consulting trusted sources before entering sensitive information online.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: MetaMask
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.220
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["stella.ns.cloudflare.com", "jarred.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd95c-9c91-743a-87c8-78a27a6c0bd5.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2be0d009-e8bd-41f1-bdaf-f536b14c25af
- PhishDestroy: https://phishdestroy.io/domain/home-metamaskdapp.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/home-metamaskdapp.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-metamaskdapp.pages.dev/
Last updated: 2026-03-19