# coindexauths.pages.dev — MALICIOUS

> Avoid coindexauths.pages.dev—flagged for phishing and social engineering. Domain now offline but remain vigilant against scams.

## Summary
PhishDestroy identifies coindexauths.pages.dev as a high-risk phishing domain targeting users with social engineering tactics. This malicious site is designed to deceive victims into divulging sensitive information, posing significant threat to individual and organizational security.

Technically, the domain was registered via Cloudflare, Inc. on February 21, 2026, and has been flagged by Google Safe Browsing for social engineering. It appears on two security blocklists and has been detected by 15 out of 95 VirusTotal security vendors, confirming its malicious intent and widespread recognition among cybersecurity tools.

Currently, the domain is offline, mitigating immediate risk. However, users and organizations should remain cautious of related phishing attempts and ensure robust security measures, including updated anti-phishing tools and user awareness training, to prevent future compromise.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.173
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["yevgen.ns.cloudflare.com", "bonnie.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c14c8-bf89-71b0-9d9e-3741491b4615.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/88997fcf-e28f-49b3-9eec-63676a4b593f
- PhishDestroy: https://phishdestroy.io/domain/coindexauths.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/coindexauths.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/coindexauths.pages.dev/
Last updated: 2026-03-19