# my-coinbase.pages.dev — MALICIOUS

> The domain my-coinbase.pages.dev poses a high phishing risk by impersonating Coinbase. Avoid interacting with it and report suspicious sites immediately.

## Summary
PhishDestroy identifies my-coinbase.pages.dev as a high-risk brand impersonation phishing domain targeting Coinbase. It was registered recently on February 21, 2026, indicating a fresh threat likely designed to deceive users.

Technical analysis shows the domain resolves to IP 172.66.47.136 and is registered through Cloudflare, Inc. Google Safe Browsing flags it for social engineering, and it appears on multiple security blocklists. VirusTotal flags 14 out of 95 vendors, reinforcing its malicious intent.

Currently, the domain is offline and inaccessible, removed from active use. This takedown reduces immediate risk, but users should remain vigilant against similar phishing attempts mimicking legitimate financial brands.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Coinbase
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.136
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["gabriella.ns.cloudflare.com", "pedro.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbbb1-0db6-7364-b783-9f99a4971c55.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/70c833bf-be3d-4702-ad55-19f76f919a1e
- PhishDestroy: https://phishdestroy.io/domain/my-coinbase.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/my-coinbase.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/my-coinbase.pages.dev/
Last updated: 2026-03-19