# metamvuask-wa-llet.webflow.io — MALICIOUS

> This Webflow domain (metamvuask-wa-llet.webflow.io) impersonates MetaMask wallets; 18/95 VirusTotal scanners flag it as phishing.

## Summary
PhishDestroy identifies metamvuask-wa-llet.webflow.io as an active fraudulent site posing as a MetaMask wallet interface. This phishing domain was specifically crafted to harvest private keys and recovery phrases from users expecting the legitimate wallet. Victims who enter sensitive credentials risk immediate loss of cryptocurrency funds, as the site transmits captured data to attacker-controlled servers without any encryption or consent.  The domain was flagged by 18 of 95 VirusTotal security vendors upon scan. The SSL certificate, issued by Google Trust Services, only confirms the connection is encrypted to the malicious server, not that the site itself is legitimate. This domain resolves to IP 104.18.36.248 and uses the Webflow platform to mimic authentic wallet branding. Known fraudulent pages on this domain have been observed since early discovery, with no evidence of legitimate use. It exploits the trust in Webflow.io subdomains to appear credible while hosting fake wallet login forms. Users are cautioned that this site is not affiliated with MetaMask or ConsenSys despite its misleading naming and structure.  If you visited metamvuask-wa-llet.webflow.io, immediately revoke access to any wallet-related permissions granted on this site. Disconnect the site from your browser and clear saved passwords and cookies specific to the domain. Monitor your wallet transactions and consider transferring remaining funds to a new address if sensitive data was exposed. Report the domain to your antivirus provider and MetaMask support via their official phishing portal. Never re-enter credentials on this domain, and share this warning with others who may have interacted with similar wallet-impersonation sites.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/289bb516-2b2b-45e3-8a2b-64f36223ab28
- PhishDestroy: https://phishdestroy.io/domain/metamvuask-wa-llet.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/metamvuask-wa-llet.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metamvuask-wa-llet.webflow.io/
Last updated: 2026-03-22