# home-get-coinbase.pages.dev — MALICIOUS

> Avoid home-get-coinbase.pages.dev as it impersonates Coinbase and is flagged for phishing. Do not enter personal info and stay secure online.

## Summary
PhishDestroy identifies home-get-coinbase.pages.dev as a high-risk phishing domain targeting users by impersonating the well-known cryptocurrency platform Coinbase. This domain represents a significant social engineering threat, aiming to deceive users into divulging sensitive information under false pretenses.

Supporting evidence includes multiple security blocklists that have flagged this domain, alongside a Google Safe Browsing designation for social engineering activity. The domain was registered recently on February 21, 2026, through Cloudflare, Inc. It resolves to an IP address associated with Cloudflare’s infrastructure and has been reported by 13 out of 95 VirusTotal security vendors for malicious activity. Its page title is identified as a suspected phishing site, further confirming its malicious intent.

Currently, home-get-coinbase.pages.dev is taken offline, reducing immediate risk to users. PhishDestroy recommends remaining vigilant and avoiding interaction with this domain. Users should never provide login credentials or financial information on suspicious sites and should verify URLs carefully when accessing cryptocurrency services. Keeping security software up to date and relying on trusted sources for Coinbase access can help prevent falling victim to such impersonation scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Coinbase
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.105
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["simone.ns.cloudflare.com", "scott.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce27f-d5ea-75a9-aa7c-79b253ac71a0.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7eff3647-a8b1-4b00-b632-94be7db7638e
- PhishDestroy: https://phishdestroy.io/domain/home-get-coinbase.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/home-get-coinbase.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-get-coinbase.pages.dev/
Last updated: 2026-03-19