# home-extension-base.pages.dev — MALICIOUS

> home-extension-base.pages.dev is flagged for phishing and social engineering risks. Avoid interacting with this domain. Stay protected with PhishDestroy.

## Summary
PhishDestroy identifies home-extension-base.pages.dev as a high-risk generic phishing domain. Classified under social engineering threats, this domain was created recently on February 21, 2026, which is a common trait in transient phishing operations. The page title observed during investigation was "Suspected phishing site | Cloudflare," indicating cloud-based hosting with potential abuse.

Technical analysis reveals the domain resolves to IP address 172.66.47.104 and is registered through Cloudflare, Inc. It appears on three independent security blocklists, emphasizing its malicious reputation. Google Safe Browsing flags the domain specifically for social engineering, reinforcing the phishing classification. VirusTotal analysis further supports this with 13 out of 95 security vendors marking the domain as suspicious or malicious. These combined indicators suggest the domain was used in attempts to deceive users, likely to harvest credentials or sensitive data.

At the time of this report, home-extension-base.pages.dev is offline, indicating a takedown response likely due to abuse complaints or proactive security measures. PhishDestroy recommends users avoid any interaction with this domain and maintain vigilance against similar phishing infrastructure leveraging Cloudflare's content delivery. Continuous monitoring is advised for domains with comparable profiles to prevent credential theft and fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.104
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ali.ns.cloudflare.com", "alexis.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ab74f-8e95-7591-bd28-dfb3fa48aa63.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/216ad606-a090-4f20-8950-a3e637332e73
- PhishDestroy: https://phishdestroy.io/domain/home-extension-base.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/home-extension-base.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-extension-base.pages.dev/
Last updated: 2026-03-19