# esodus-wallet.pages.dev — MALICIOUS

> Warning: esodus-wallet.pages.dev is linked to crypto draining. Avoid interaction and secure your wallets immediately to protect your assets.

## Summary
PhishDestroy identifies esodus-wallet.pages.dev as a high-risk crypto drainer domain designed to steal cryptocurrency assets from unsuspecting users. Crypto drainers are particularly dangerous as they directly target digital wallets, leading to irreversible financial losses. Immediate caution is necessary when encountering this domain or similar suspicious sites to prevent asset compromise.

The domain esodus-wallet.pages.dev was registered on March 1, 2026, through Cloudflare, Inc. It was flagged by 12 out of 95 security vendors on VirusTotal and appears on two security blocklists. Although currently offline, it resolved to IP address 188.114.96.3 before takedown. The site was identified as phishing and hosted behind Cloudflare protection, which may have initially provided some anonymity to the threat actors.

Users are strongly advised to avoid visiting esodus-wallet.pages.dev or providing any wallet credentials or private keys. If exposure has occurred, immediately transfer assets to secure wallets and update all associated security measures. Utilizing hardware wallets and multi-factor authentication can provide additional protection against such crypto drainage threats. Staying informed through reliable sources like PhishDestroy is critical for ongoing crypto security.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-01 21:00:02
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: armando.ns.cloudflare.com christina.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Sophos", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/pvPqQy7K/183d41a02c38.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2349d946-5d56-4da5-b250-3a0a7986c754
- Wayback Machine: https://web.archive.org/web/https://esodus-wallet.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/esodus-wallet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/esodus-wallet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/esodus-wallet.pages.dev/
Last updated: 2026-03-19