# exodusfs.com — SUSPICIOUS

> Exodusfs.com is linked to medium-risk phishing activity. The domain is offline; avoid interaction and monitor for related threats.

## Summary
PhishDestroy identifies exodusfs.com as a medium-risk generic phishing domain. The site was used to impersonate legitimate services, aiming to deceive users into divulging sensitive information. This activity poses a moderate threat, warranting caution for users and security teams.

The domain was registered on February 21, 2026, through a dead domain registrar and has appeared on three separate security blocklists. VirusTotal analysis shows limited but consistent detection by security vendors, indicating some consensus on its malicious intent. The infrastructure suggests a typical phishing setup, lacking advanced evasion but sufficiently convincing to cause harm.

Currently, exodusfs.com is offline, reducing immediate risk. However, users should remain vigilant against potential reuse or similar phishing attempts. Organizations are advised to maintain updated blocklists, educate users on phishing indicators, and monitor network traffic for related suspicious activity.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: Exodus
- Page title: exodusfs.com | 522: Connection timed out

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["aida.ns.cloudflare.com", "sonny.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019be9ff-0b17-7362-ab40-27bd247a6f39.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4746ac6e-acf3-45cc-9351-411b7bae7a03
- PhishDestroy: https://phishdestroy.io/domain/exodusfs.com/
- LLM endpoint: https://phishdestroy.io/domain/exodusfs.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/exodusfs.com/
Last updated: 2026-03-19