# assets-help-extnsion-base.pages.dev — MALICIOUS

> Avoid interacting with assets-help-extnsion-base.pages.dev, a high-risk phishing site. Stay vigilant and do not enter personal information.

## Summary
PhishDestroy identifies assets-help-extnsion-base.pages.dev as a confirmed phishing domain with a high threat level. Classified under generic phishing, this suspicious domain uses deceptive tactics to lure victims into providing sensitive information. It was registered recently on February 21, 2026, which raises immediate red flags about its legitimacy.

From a technical perspective, the domain is hosted via Cloudflare, Inc., resolving to the IP address 172.66.45.11. It has been flagged by 13 out of 95 VirusTotal security vendors and appears on three separate security blocklists, confirming its malicious intent. Additionally, Google Safe Browsing categorizes this domain under social engineering threats, further validating the phishing classification. The page title observed during analysis was "Suspected phishing site | Cloudflare," indicating Cloudflare's detection and blocking measures.

Currently, the domain is offline, which suggests takedown actions have been successful in mitigating ongoing harm. Users are advised to remain cautious and avoid any interaction with this site or related URLs. PhishDestroy continues to monitor the domain's status and related infrastructure for any resurgence or new phishing campaigns associated with this seed e36895.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.45.11
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ishaan.ns.cloudflare.com", "megan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c7b76-7bc9-763e-b183-24fb6f67868b.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/6c5bd211-7491-4bce-b6c8-e858702602b0
- PhishDestroy: https://phishdestroy.io/domain/assets-help-extnsion-base.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/assets-help-extnsion-base.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/assets-help-extnsion-base.pages.dev/
Last updated: 2026-03-19