# coinbase-blogger-clo-nbza.bolt.host — MALICIOUS > coinbase-blogger-clo-nbza.bolt.host is flagged for phishing risks. Learn how to stay safe and what to do if you visited this suspicious site. ## Summary PhishDestroy identifies coinbase-blogger-clo-nbza.bolt.host as a potentially dangerous phishing domain designed to deceive users by mimicking legitimate Coinbase services. Although this domain is newly registered on November 14, 2024, and currently under investigation, it has already been flagged by Google Safe Browsing for social engineering risks. This means users could be targeted to disclose sensitive information like login credentials or financial details. This phishing operation likely uses a convincing replica of Coinbase’s interface to trick users into entering private data. The domain name itself attempts to impersonate Coinbase by including the brand name combined with suspicious elements like "blogger-clo-nbza" and being hosted on a third-party platform, bolt.host. Despite VirusTotal showing no detections, the suspicious registration details and Google’s social engineering warning strongly suggest malicious intent. Attackers often rely on such deceptive domains to harvest credentials for fraudulent transactions or identity theft. If you have visited coinbase-blogger-clo-nbza.bolt.host, it is critical to immediately change any Coinbase passwords and enable two-factor authentication to protect your account. Avoid providing any personal or payment information on this site. Additionally, monitor your financial accounts for unauthorized activity and report any suspicious transactions to Coinbase support. Users should also consider running a security scan on their devices and remain cautious of unsolicited emails or messages referencing Coinbase to prevent future phishing attempts. ## Threat Details - Verdict: MALICIOUS - Site status: dead (HTTP 0) - Target brand: Coinbase - Page title: Coinbase Blogger Clone ## Domain Intelligence - Registered: 2026-03-06 11:07:01 - Registrar: Cloudflare, Inc. - Country: US - IP: 104.26.12.118 - IP Country: US - IP City: San Francisco - IP Org: AS13335 Cloudflare, Inc. - Nameservers: ["alex.ns.cloudflare.com", "galilea.ns.cloudflare.com"] - SSL Issuer: Google Trust Services / WE1 ## Detection Status - VirusTotal: 14 vendors flagged Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "Trustwave", "Yandex Safebrowsing"] - Google Safe Browsing: FLAGGED - Blocklists: 2 hits Lists: ["PhishDestroy", "MetaMask"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019cc29c-b700-72eb-a539-bdd2df62a93c.png - Cloudflare Radar: https://radar.cloudflare.com/domains/coinbase-blogger-clo-nbza.bolt.host - Wayback Machine: https://web.archive.org/web/https://coinbase-blogger-clo-nbza.bolt.host - PhishDestroy: https://phishdestroy.io/domain/coinbase-blogger-clo-nbza.bolt.host/ - LLM endpoint: https://phishdestroy.io/domain/coinbase-blogger-clo-nbza.bolt.host/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/coinbase-blogger-clo-nbza.bolt.host/ Last updated: 2026-03-19