# web-manage-coinbase.pages.dev — MALICIOUS

> web-manage-coinbase.pages.dev is a dangerous phishing site targeting Coinbase users. Avoid interacting and report suspicious activity immediately.

## Summary
PhishDestroy identifies web-manage-coinbase.pages.dev as a high-risk phishing domain impersonating the legitimate Coinbase brand. Users attempting to access what they believe is Coinbase may be tricked into providing sensitive login credentials or financial information. This site poses a significant security threat designed to steal personal and account data.

This phishing attempt operates by mimicking the Coinbase interface and branding to create a convincing fake website. Victims are lured into entering private information, which attackers can then exploit for unauthorized access and fraudulent transactions. The domain was registered recently, flagged for social engineering by Google Safe Browsing, and appears on multiple security blocklists. VirusTotal also reports that 15 out of 95 security engines detect malicious activity from this domain.

If anyone has visited web-manage-coinbase.pages.dev, it is crucial to immediately change any Coinbase passwords and enable two-factor authentication on their accounts. Users should also monitor financial statements for unusual activity and report any suspicious transactions to Coinbase and their financial institution. Avoid clicking on links from unknown sources and always verify website URLs before inputting any sensitive data. PhishDestroy advises staying vigilant and relying on official Coinbase channels for all cryptocurrency management activities.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Coinbase
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.108
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["tess.ns.cloudflare.com", "gordon.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c9523-a206-71c3-ac06-7a1c91d99742.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/41f177fc-4778-4ce6-9f91-d3456d28dc7a
- PhishDestroy: https://phishdestroy.io/domain/web-manage-coinbase.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/web-manage-coinbase.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web-manage-coinbase.pages.dev/
Last updated: 2026-03-19