# doc--exodus-web3.pages.dev — SUSPICIOUS

> The domain doc--exodus-web3.pages.dev poses a low-level phishing threat. Avoid sharing sensitive info and exercise caution when interacting with it.

## Summary
PhishDestroy identifies doc--exodus-web3.pages.dev as an active domain associated with generic phishing activities, categorized under a low risk level. Users should remain cautious as the threat, while not highly severe, still poses potential risks to sensitive data.

Analysis reveals that this domain is registered through Cloudflare, Inc. and resolves to IP address 172.66.47.169. Although only a single security vendor on VirusTotal has flagged it, the domain appears on two separate security blocklists, indicating suspicious behavior and justifying monitoring.

To mitigate risks, users are advised to refrain from entering personal or financial details on this site. Organizations should consider adding the domain to their internal blocklists and maintain vigilance. Currently, the domain status is active, emphasizing the importance of ongoing awareness and cautious interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Target brand: Exodus
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-04 23:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.169
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: crystal.ns.cloudflare.com james.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["ChainPatrol"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbaec-fcd6-705b-be99-76f7bc27df80.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/doc--exodus-web3.pages.dev
- Wayback Machine: https://web.archive.org/web/https://doc--exodus-web3.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/doc--exodus-web3.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/doc--exodus-web3.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/doc--exodus-web3.pages.dev/
Last updated: 2026-03-19