# metamask-login-us.webflow.io — MALICIOUS

> metamask-login-us.webflow.io is a crypto drainer impersonating MetaMask. Flagged by 14 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies metamask-login-us.webflow.io as an active brand impersonation domain designed to deceive users into entering MetaMask credentials.

This domain was flagged by 14 of 95 VirusTotal security vendors as a crypto drainer impersonating MetaMask. It resolves to IP address 104.18.36.248 and operates under Google Trust Services SSL certification. The domain was created recently and has already accumulated multiple blocklist detections, indicating active malicious operations.

Current status remains active with elevated risk. Users are advised to avoid interacting with this domain entirely. Verify any MetaMask-related links through PhishDestroy’s official verification tools before proceeding. Report this domain immediately if encountered to prevent credential theft or fund loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: MetaMask

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/96494d71-fcf2-4226-8cb3-609b9b0d4fe9
- PhishDestroy: https://phishdestroy.io/domain/metamask-login-us.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/metamask-login-us.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metamask-login-us.webflow.io/
Last updated: 2026-04-15