# divace-eng-coinbasecomsign.pages.dev — MALICIOUS

> divace-eng-coinbasecomsign.pages.dev is a high-risk phishing domain. Stay alert and avoid interacting with this site to protect your data.

## Summary
PhishDestroy identifies divace-eng-coinbasecomsign.pages.dev as a high-risk generic phishing domain designed to deceive users. Its primary threat involves impersonating legitimate services to steal sensitive information.

This domain was registered through Cloudflare, Inc. on February 21, 2026, and has been flagged by multiple security vendors. It appears on three different security blocklists, confirming its malicious intent. VirusTotal analysis shows a significant portion of security engines detecting phishing activity associated with this domain.

Users are advised to avoid visiting or interacting with divace-eng-coinbasecomsign.pages.dev. The domain has been taken offline, reducing immediate risk; however, vigilance remains essential as similar phishing campaigns may arise. Employing up-to-date security software and verifying URLs before sharing personal data are recommended mitigation steps.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Coinbase
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.123
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["rita.ns.cloudflare.com", "jerome.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb523-e052-715c-8e9a-286c5ef258c3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/6ee7a9e9-7adc-49af-a787-3a0d27d55813
- PhishDestroy: https://phishdestroy.io/domain/divace-eng-coinbasecomsign.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/divace-eng-coinbasecomsign.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/divace-eng-coinbasecomsign.pages.dev/
Last updated: 2026-03-19