# docs-exoduss-web.pages.dev — MALICIOUS

> docs-exoduss-web.pages.dev was flagged for phishing activity. Avoid interaction and report suspicious sites promptly to stay safe online.

## Summary
PhishDestroy identifies docs-exoduss-web.pages.dev as a medium-risk generic phishing domain. The domain was created recently on March 01, 2026, and was utilized to deceive users by masquerading as a trustworthy source, potentially aiming to steal sensitive information such as login credentials or personal data. This deceptive activity classifies it as a threat requiring immediate caution from users and administrators alike.

The domain resolved to the IP address 188.114.96.3 and was registered through Cloudflare, Inc., which is commonly used for content delivery and security services but can also be exploited by threat actors to obfuscate the origin of malicious websites. VirusTotal scans flagged the domain by 5 out of 95 security vendors, indicating a moderate detection rate. The website was hosted on a Cloudflare Pages subdomain, which can facilitate rapid deployment of phishing pages mimicking legitimate services.

Currently, docs-exoduss-web.pages.dev has been taken offline, reducing the immediate risk to users. However, the transient nature of such domains means they can reappear under different names or IP addresses. Users are advised to remain vigilant, avoid clicking links from untrusted sources, and use updated security software. Organizations should monitor for any related activity and consider implementing domain blocking or filtering to mitigate further exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Exodus
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-01 21:00:02
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: lex.ns.cloudflare.com pat.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "Fortinet", "Kaspersky"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/YBhY8wp7/3582afab8e1f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/cd92c5ee-d535-482d-83f0-b4da6167e5d2
- Wayback Machine: https://web.archive.org/web/https://docs-exoduss-web.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/docs-exoduss-web.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/docs-exoduss-web.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/docs-exoduss-web.pages.dev/
Last updated: 2026-03-19