# blog-en-coinwallet.pages.dev — MALICIOUS

> Avoid blog-en-coinwallet.pages.dev, a high-risk crypto drainer flagged for phishing. Do not enter sensitive info and stay protected from theft.

## Summary
PhishDestroy identifies blog-en-coinwallet.pages.dev as a high-risk crypto drainer phishing domain targeting cryptocurrency users. It was registered on February 21, 2026, through Cloudflare, Inc., indicating a recent and likely malicious setup.

The domain resolves to IP 172.66.47.179 and is flagged by Google Safe Browsing for social engineering. It appears on three security blocklists and is detected by 13 out of 95 VirusTotal scanners. The page title shows a Cloudflare warning, suggesting hosting abuse.

Currently, blog-en-coinwallet.pages.dev has been taken offline, effectively halting the phishing campaign. Users should remain vigilant and avoid interacting with this domain to prevent crypto asset theft.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.179
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["cesar.ns.cloudflare.com", "mckenzie.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ada02-6b03-756a-ae21-143854997a9a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/75be23e4-08d3-4ef9-9bd3-1da68d8d3530
- PhishDestroy: https://phishdestroy.io/domain/blog-en-coinwallet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/blog-en-coinwallet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/blog-en-coinwallet.pages.dev/
Last updated: 2026-03-19