metmskluginn-auth.gitbook.io
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of metmskluginn-auth.gitbook.io
This domain appears to be a GitBook-hosted page presenting itself as a MetaMask login or onboarding resource. The page title, visible branding, and on-page text reference MetaMask, a well-known cryptocurrency wallet, and encourage visitors to "Connect Wallet" while displaying wallet-related promotional imagery and setup instructions.
Based on the subdomain structure, the page is hosted under gitbook.io rather than on an official MetaMask-owned domain. That suggests it may be a third-party documentation-style page or a look-alike page using a publishing platform to imitate a cryptocurrency service. The operator is not clearly identified on the page, and the available content does not provide clear evidence of an official relationship with the MetaMask brand.
Safety Assessment for metmskluginn-auth.gitbook.io
Multiple security signals indicate elevated risk at the time of this scan. The domain was flagged by 14 out of 91 security engines, with many classifying it as phishing or otherwise malicious. In addition, one major phishing database and another threat database listed the URL, and the page content strongly resembles a MetaMask-branded login or wallet-connection page hosted on an unrelated GitBook subdomain. That combination may indicate an attempt to imitate a known cryptocurrency service in order to collect wallet credentials or trigger unsafe wallet interactions.
The malware scan did not report infected files, but it did attach a generic malicious verdict to the domain and several internal URLs. A DNS-based mail-reputation blocklist also lists the IP address, although that signal is weaker than direct phishing detections and may reflect broader IP reputation rather than website content. Even so, the stronger indicators here are the multi-engine phishing consensus, the phishing-database listing, and the apparent brand imitation on a non-official host.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid SSL/TLS certificate issued by a mainstream certificate authority, with expiry shown as 2026-08-17. It is served through Cloudflare infrastructure on IP address 104.18.40.47, with hosting geolocated to Canada in this scan. The domain uses Cloudflare nameservers, and DNSSEC appears to be unsigned.
From an infrastructure perspective, the page is hosted on a GitBook subdomain rather than a dedicated brand-owned domain, which is notable given the MetaMask-themed content. No obvious server-side malware was identified in the file scan, but the combination of phishing detections, threat-database listings, and suspicious wallet-connection branding represents the main technical concern rather than TLS or hosting misconfiguration.
Share your experience with this website. Was it safe? Did you encounter any issues?