# coinbase-clone-darline-konadu.netlify.app — SUSPICIOUS

> coinbase-clone-darline-konadu.netlify.app mimics Coinbase to trick users. Learn why this phishing site was taken offline and how to stay protected.

## Summary
PhishDestroy identifies coinbase-clone-darline-konadu.netlify.app as a medium-risk brand impersonation phishing domain targeting Coinbase users. This type of threat aims to deceive individuals by mimicking a trusted brand, potentially leading to credential theft or financial loss. Although currently offline, the domain posed a social engineering risk by attempting to impersonate Coinbase’s identity.

The domain was registered on March 10, 2026, through Netlify and resolved to the IP address 35.157.26.135. It appeared on two security blocklists and was flagged by Google Safe Browsing for social engineering tactics. VirusTotal scans detected 4 out of 95 security vendors flagging this domain, reinforcing the suspicion of malicious intent. Despite its takedown, the domain’s infrastructure and registration details emphasize ongoing attempts to exploit Coinbase’s reputation.

Users should remain vigilant against suspicious links, especially those resembling official cryptocurrency platforms like Coinbase. Never enter login credentials or personal information on unfamiliar websites. It is advisable to verify URLs carefully and use official apps or websites for transactions. Reporting suspicious domains to security services and keeping antivirus software updated also helps mitigate phishing risks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 404)
- Target brand: Coinbase
- Page title: Site not found

## Domain Intelligence
- Registered: 2026-03-10 13:07:01
- Registrar: Netlify
- Country: US
- IP: 35.157.26.135
- IP Country: DE
- IP City: Frankfurt am Main
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: DigiCert Inc / DigiCert Global G2 TLS RSA SHA256 2020 CA1

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "Google Safebrowsing", "Lionic"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/PZLKn5BN/d7991c15b53c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4721fabb-78d5-4ac3-9d94-80c6bd977784
- PhishDestroy: https://phishdestroy.io/domain/coinbase-clone-darline-konadu.netlify.app/
- LLM endpoint: https://phishdestroy.io/domain/coinbase-clone-darline-konadu.netlify.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/coinbase-clone-darline-konadu.netlify.app/
Last updated: 2026-03-19