# metacivia-architect.pages.dev — SUSPICIOUS

> Warning: metacivia-architect.pages.dev hosts a crypto drainer phishing page impersonating a MetaMask wallet.

## Summary
PhishDestroy identifies metacivia-architect.pages.dev as an active crypto drainer phishing domain under investigation. This threat vector specifically targets cryptocurrency users by mimicking legitimate wallet interfaces to siphon funds. Initial analysis reveals a high-risk configuration designed to deceive users into exposing private keys or authorizing malicious transactions.

This domain was flagged with 0 detections out of 95 engines on VirusTotal, indicating it has yet to be widely recognized by antivirus platforms. Registered through Cloudflare, Inc., the domain resolves to IP address 188.114.96.3 and leverages a Google Trust Services SSL certificate to appear legitimate. The phishing page impersonates MetaMask, a popular cryptocurrency wallet, exploiting user trust in familiar interfaces. Cloudflare's infrastructure complicates direct takedown efforts, while the lack of blocklist coverage (0/95 detections) suggests this domain is in early deployment stages.

To mitigate risk, cryptocurrency users should verify all transaction pages against PhishDestroy's database before entering credentials or approving transfers. Never click links from unsolicited messages or ads; manually navigate to wallet interfaces. Enable hardware wallet protections and use transaction simulation tools to detect drainer behaviors. Report suspicious domains immediately to PhishDestroy for rapid analysis and community-wide alerts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/49f0f8a5-0c66-4dab-abca-5a2fadcfee20
- PhishDestroy: https://phishdestroy.io/domain/metacivia-architect.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/metacivia-architect.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metacivia-architect.pages.dev/
Last updated: 2026-03-27