# secure-metamask-en-us.pages.dev — MALICIOUS

> secure-metamask-en-us.pages.dev is a high-risk phishing site impersonating MetaMask. Avoid interaction and protect your crypto assets. Learn more now.

## Summary
PhishDestroy identifies secure-metamask-en-us.pages.dev as a dangerous phishing domain targeting MetaMask users. This site aims to steal sensitive login and wallet information by mimicking the brand's appearance.

The phishing works by presenting a fake MetaMask login page to trick users into entering their private keys or credentials. The domain was created recently and flagged by multiple security blocklists, increasing its threat credibility.

If you visited this site, immediately change your MetaMask passwords and revoke any potentially compromised wallet access. Run a security scan and monitor your accounts for suspicious activity.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: MetaMask
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.168
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["meadow.ns.cloudflare.com", "benedict.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cebed-0dcc-7308-9f4d-a467d2ceb5a6.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/31dbba65-c6a8-481a-bc81-ab7c22246223
- PhishDestroy: https://phishdestroy.io/domain/secure-metamask-en-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/secure-metamask-en-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/secure-metamask-en-us.pages.dev/
Last updated: 2026-03-19