# eng-coinbse-pro-nav-start.pages.dev — MALICIOUS

> eng-coinbse-pro-nav-start.pages.dev is a confirmed phishing domain. Avoid interaction; it is flagged for social engineering risks and currently offline.

## Summary
PhishDestroy identifies eng-coinbse-pro-nav-start.pages.dev as a high-risk phishing domain engaged in generic phishing activities. The site’s intent is to deceive users through social engineering tactics, posing significant security threats to unsuspecting victims.

This domain was flagged by multiple security sources: it appears on three security blocklists and is categorized under SOCIAL_ENGINEERING by Google Safe Browsing. Additionally, 13 out of 95 VirusTotal security vendors have detected malicious activity linked to this domain. It was registered recently on February 21, 2026, via Cloudflare, Inc., and resolves to the IP address 172.66.47.42, which is associated with Cloudflare’s infrastructure. The page title currently returns a Cloudflare warning indicating it is suspected phishing.

To mitigate risk, this domain is now offline and inaccessible, preventing further harm. Users and organizations should continue to block and monitor any traffic related to this domain. Vigilance is advised since phishing domains often reappear with slight variations. PhishDestroy recommends maintaining updated threat intelligence and employing web filtering solutions to guard against such deceptive sites.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.42
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["itzel.ns.cloudflare.com", "sergi.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a3240-d25c-720c-9507-72f233df8481.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/56fac52b-97bf-4f72-85c4-1bdef73279da
- PhishDestroy: https://phishdestroy.io/domain/eng-coinbse-pro-nav-start.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eng-coinbse-pro-nav-start.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eng-coinbse-pro-nav-start.pages.dev/
Last updated: 2026-03-19