# auth-coiinbse-prop-exesion-us.pages.dev — MALICIOUS

> auth-coiinbse-prop-exesion-us.pages.dev is flagged for social engineering and phishing. Avoid interacting with it; the domain is now offline.

## Summary
PhishDestroy identifies auth-coiinbse-prop-exesion-us.pages.dev as a high-risk phishing domain designed to deceive users via social engineering tactics. Such threats aim to steal sensitive personal or financial information, posing serious risks to individuals and organizations.

The domain was registered through Cloudflare, Inc. on February 21, 2026, and was actively flagged on multiple security blocklists. Google Safe Browsing specifically marked it for social engineering, and VirusTotal analysis revealed detection by numerous security vendors. The domain has since been taken offline, mitigating immediate risk.

Users are strongly advised to avoid interacting with this domain or any suspicious links resembling it. To stay protected, always verify website authenticity before entering sensitive data and keep security software up to date. Reporting suspicious domains to security platforms helps prevent further harm.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.200
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["sureena.ns.cloudflare.com", "rex.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a9d27-733d-735c-820b-43e4a48e9767.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/da0ed970-ff57-403b-945d-ce3e0d8d3316
- PhishDestroy: https://phishdestroy.io/domain/auth-coiinbse-prop-exesion-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/auth-coiinbse-prop-exesion-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/auth-coiinbse-prop-exesion-us.pages.dev/
Last updated: 2026-03-19