# metamsxqlugon.gitbook.io — MALICIOUS

> Stay safe from phishing at metamsxqlugon.gitbook.io. Avoid sharing MetaMask credentials and report suspicious sites immediately.

## Summary
PhishDestroy identifies metamsxqlugon.gitbook.io as a medium-risk phishing domain impersonating the MetaMask brand. The domain was registered recently on March 12, 2026, and uses the page title "Metamask® Login - A Gateway to Secure and User | us" to deceive users into believing it is an official MetaMask login portal. This classification is based on brand impersonation tactics designed to harvest sensitive user credentials.

Technical indicators include the domain’s presence on two security blocklists and detection by 8 out of 95 VirusTotal security vendors, signaling suspicious activity. The domain leverages GitBook hosting, which is often exploited for phishing due to ease of setup and trusted reputation. Its infrastructure is minimal but effective in mimicking legitimate MetaMask interfaces to lure victims.

Currently, metamsxqlugon.gitbook.io is offline, suggesting takedown actions or manual suspension following detection. Users are advised not to visit the domain or enter any personal information. Continuous monitoring and reporting of similar domains are essential to protect the MetaMask user community from evolving phishing threats. This analysis uses the unique seed d9242b for reference and tracking.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: MetaMask
- Page title: Metamask® Login - A Gateway to Secure and User | us

## Domain Intelligence
- Registered: 2026-03-12 13:07:01
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 8 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "ESET", "Emsisoft", "Kaspersky", "Netcraft", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce154-d215-76c6-8346-203a10c92afc.png
- PhishDestroy: https://phishdestroy.io/domain/metamsxqlugon.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/metamsxqlugon.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metamsxqlugon.gitbook.io/
Last updated: 2026-03-19