# about-conbase.gitbook.io — SUSPICIOUS

> about-conbase.gitbook.io poses as Coinbase Wallet on GitBook — a crypto phishing clone. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies about-conbase.gitbook.io as a blatant Coinbase Wallet impersonation designed to trick cryptocurrency users into entering recovery phrases or private keys. The page title “Coinbase Wallet | us” is identical to the legitimate site, yet the domain is controlled by an unknown actor. Visitors who log in see a fake wallet dashboard that silently harvests credentials or seed phrases. Once obtained, attackers drain wallets within minutes. 


This domain was flagged after resolving to IP 104.18.40.47 and registering through Cloudflare on March 30, 2014. VirusTotal scanning engines currently show 0 out of 95 detections and an SSL certificate issued by Google Trust Services, which criminals often exploit to appear trustworthy. The 2014 creation date precedes Coinbase’s public wallet launch, making the long-term registration another red flag. 


If you visited about-conbase.gitbook.io, disconnect any still-connected wallets immediately and revoke permissions in your browser or wallet app. Do not enter any seed phrases, passwords, or recovery keys—assume they are compromised. Contact Coinbase support through official channels and consider rotating all wallet addresses and passwords. Report the domain to your browser’s safe-browsing program and monitor on-chain transactions for suspicious transfers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: cloaking (HTTP ?)
- Target brand: Coinbase
- Page title: Coinbase Wallet | us

## Domain Intelligence
- Registered: 2014-03-30 06:09:09
- Registrar: Cloudflare, Inc
- IP: 104.18.40.47

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8c5a09a4-4067-4777-8e07-d42bed60ac75
- PhishDestroy: https://phishdestroy.io/domain/about-conbase.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/about-conbase.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/about-conbase.gitbook.io/
Last updated: 2026-04-11