# portal-coinbase-cdn.typedream.app — SUSPICIOUS > portal-coinbase-cdn.typedream.app is a crypto drainer impersonating Coinbase login. Blocked by 4/95 VirusTotal engines. Verify on PhishDestroy immediately. ## Summary PhishDestroy identifies portal-coinbase-cdn.typedream.app as an active crypto drainer impersonating global cryptocurrency exchange Coinbase with elevated risk. This domain was flagged by VirusTotal with 4 out of 95 security vendors marking it malicious. It resolves to IP address 188.114.97.3 and leverages a Google Trust Services SSL certificate to appear legitimate. The platform used for this campaign is Typedream.app, a service that often hosts impersonation pages. Additional telemetry links the domain to a Coinbase impersonation kit designed to harvest wallet credentials and initiate unauthorized transfers. Current blocklist coverage remains limited, underscoring the need for proactive detection. Users encountering this domain should avoid interaction and verify any Coinbase-related link using PhishDestroy’s real-time scanner. Organizations are advised to block traffic to portal-coinbase-cdn.typedream.app at the network perimeter and update firewall rules to include the IP 188.114.97.3. Consumers should enable two-factor authentication on Coinbase accounts and use official login portals only. Report any suspicious activity to Coinbase’s fraud team and share indicators via PhishDestroy’s threat-sharing feed to strengthen collective defense. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Coinbase ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 188.114.97.3 ## Detection Status - VirusTotal: 4 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f29c7b93-85d7-4963-8cea-4c697784dce5 - PhishDestroy: https://phishdestroy.io/domain/portal-coinbase-cdn.typedream.app/ - LLM endpoint: https://phishdestroy.io/domain/portal-coinbase-cdn.typedream.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/portal-coinbase-cdn.typedream.app/ Last updated: 2026-04-11