# metamaskwallt-support.framer.ai — SUSPICIOUS

> Avoid metamaskwallt-support.framer.ai—this low-risk crypto drainer domain is offline but was flagged for phishing. Stay vigilant and do not interact.

## Summary
PhishDestroy identifies metamaskwallt-support.framer.ai as a crypto drainer domain designed to steal cryptocurrency assets by mimicking legitimate wallet support services. Classified as a low-risk threat, this domain attempts to deceive users into revealing private keys or seed phrases. Its naming closely resembles 'MetaMask wallet,' a popular crypto wallet, indicating clear intent to mislead crypto users.

Technically, the domain was registered recently on March 4, 2026, and resolved to IP address 31.43.160.6. It appeared on three security blocklists, raising suspicion despite only two out of ninety-five VirusTotal vendors flagging it. This discrepancy suggests a subtle or emerging threat rather than a widespread detection. The domain's infrastructure shows typical phishing characteristics, including the use of a subdomain under framer.ai, a platform known for hosting web projects.

Currently, metamaskwallt-support.framer.ai is taken offline, mitigating immediate risk to users. PhishDestroy recommends avoiding any interaction with this domain and monitoring for similar variants. The low risk level does not negate potential harm, especially for less experienced cryptocurrency holders. Continuous monitoring and user education remain crucial defenses against such crypto drainer threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 404)
- Target brand: MetaMask
- Page title: Site Not Found | Framer

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- Registrar: CSC Corporate Domains, Inc.
- Country: US
- IP: 31.43.160.6
- IP Country: NL
- IP City: Amsterdam
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: ["ns-1902.awsdns-45.co.uk", "ns-635.awsdns-15.net", "ns-1198.awsdns-21.org", "ns-114.awsdns-14.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/PvnsYTvH/8e85b3e88242.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/d60cd9fb-1feb-4063-84ee-b18eb150f524
- Wayback Machine: https://web.archive.org/web/https://metamaskwallt-support.framer.ai
- PhishDestroy: https://phishdestroy.io/domain/metamaskwallt-support.framer.ai/
- LLM endpoint: https://phishdestroy.io/domain/metamaskwallt-support.framer.ai/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metamaskwallt-support.framer.ai/
Last updated: 2026-03-19