# chat-coinbase-supl.lovable.app — SUSPICIOUS > Beware of chat-coinbase-supl.lovable.app impersonating Coinbase support. Flagged by Google Safe Browsing for social engineering, it resolves to 185.41.148.1. ## Summary PhishDestroy identifies a live brand impersonation domain targeting Coinbase users: chat-coinbase-supl.lovable.app. This domain masquerades as official Coinbase support, actively luring victims under the guise of assistance. Current status is active, with no detections on VirusTotal at the time of analysis. The threat involves credential harvesting and potential financial fraud facilitated through social engineering tactics. Domain analysis reveals critical technical indicators. This impersonation site was flagged by 0 of 95 VirusTotal vendors, indicating a low detection rate likely due to its recent emergence or evasion tactics. The domain resolves to IP 185.41.148.1, hosted on infrastructure associated with suspicious activity. The SSL certificate is issued by Google Trust Services, a tactic commonly exploited to appear legitimate. Google Safe Browsing has already classified it under SOCIAL_ENGINEERING, confirming its malicious intent. Further investigation shows the domain is part of the lovable.app subdomain ecosystem, a platform often abused for phishing campaigns. Trust scores and historical data remain unfavorable, with no prior clean reputation. This domain remains active and poses an immediate risk to users seeking Coinbase support. Affected users may fall victim to credential theft, financial loss, or malware infections. PhishDestroy recommends blocking access to chat-coinbase-supl.lovable.app at the network level and updating DNS filters. Users should verify support channels exclusively through Coinbase’s official website or app. If exposed, change passwords immediately, enable two-factor authentication, and monitor financial accounts for unauthorized activity. Report the domain to Coinbase and relevant threat intelligence platforms to aid in broader mitigation. Exercise caution with unsolicited support offers and prioritize official communication channels for all cryptocurrency-related interactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Coinbase ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 185.41.148.1 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/01708683-8c50-43f0-8094-aa1e5563fcb4 - PhishDestroy: https://phishdestroy.io/domain/chat-coinbase-supl.lovable.app/ - LLM endpoint: https://phishdestroy.io/domain/chat-coinbase-supl.lovable.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/chat-coinbase-supl.lovable.app/ Last updated: 2026-03-24