# coimbe-exteansion-doc.pages.dev — MALICIOUS

> coimbe-exteansion-doc.pages.dev is flagged for phishing. Avoid sharing personal info and do not interact with this site to stay safe online.

## Summary
PhishDestroy identifies coimbe-exteansion-doc.pages.dev as a high-risk phishing domain designed to deceive users into providing sensitive information. This site poses a significant danger by exploiting social engineering tactics to trick visitors into revealing personal or financial data.

This phishing campaign operates by mimicking legitimate document or extension services, luring users with convincing pages to capture login credentials or other private details. The domain was created recently, uses Cloudflare for registration, and has been flagged by multiple security services, confirming its malicious intent.

If a user has visited coimbe-exteansion-doc.pages.dev, it is crucial to avoid entering any information. They should immediately scan their devices for malware, change passwords for potentially compromised accounts, and monitor financial statements for unusual activity. Reporting the incident to security teams or authorities can also help mitigate further risks.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.128
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["dayana.ns.cloudflare.com", "burt.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a7dcc-e9b0-7250-bf40-1bc5b7f228ea.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2be1764b-aba6-49f6-899c-8b5408b31d10
- PhishDestroy: https://phishdestroy.io/domain/coimbe-exteansion-doc.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/coimbe-exteansion-doc.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/coimbe-exteansion-doc.pages.dev/
Last updated: 2026-03-19