# metta--maask-login.pages.dev — MALICIOUS

> metta--maask-login.pages.dev is flagged for credential phishing. Avoid sharing login info and stay vigilant. Learn more about this threat now.

## Summary
PhishDestroy identifies metta--maask-login.pages.dev as a high-risk credential phishing domain. Classified primarily under social engineering tactics, this domain aims to deceive users into divulging sensitive login credentials by mimicking legitimate services. The phishing intent is supported by Google Safe Browsing's social engineering warnings.

Technical analysis reveals the domain was registered through Cloudflare, Inc. on February 21, 2026. It appears on three distinct security blocklists and is detected by 14 out of 95 security vendors on VirusTotal. These indicators suggest a concerted effort to evade detection while leveraging popular cloud infrastructure for hosting malicious content.

Currently, metta--maask-login.pages.dev is offline, mitigating immediate risk. However, its previous activity underlines the persistent threat posed by social engineering attacks. Users are advised to remain cautious of atypical login pages and verify URLs before entering credentials. PhishDestroy continues to monitor this domain and similar campaigns to provide timely alerts and protection guidance.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.96
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["luciane.ns.cloudflare.com", "junade.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c7ade-d57b-70cf-95e6-aa03f88dcf7b.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/e32ad470-339d-437b-94fa-a92b77841101
- PhishDestroy: https://phishdestroy.io/domain/metta--maask-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/metta--maask-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/metta--maask-login.pages.dev/
Last updated: 2026-03-19