# multiplier-ethena.sbs — SUSPICIOUS

> Multiplier-ethena.sbs flagged for phishing and now offline. Learn why this domain posed a medium risk and how to stay protected.

## Summary
PhishDestroy identifies multiplier-ethena.sbs as a medium-risk generic phishing domain that was used to deceive users and potentially steal sensitive information. Phishing threats like this are significant because they exploit user trust to capture credentials, financial data, or deliver malware, posing risks to individuals and organizations alike.

The domain multiplier-ethena.sbs was registered recently on February 21, 2026, through Dynadot LLC and resolved to the IP address 104.21.70.117. It currently appears on two security blocklists and was flagged by 3 out of 95 VirusTotal security vendors, indicating moderate detection by antivirus tools. At present, the domain is offline and returns a "521: Web server is down" error, suggesting its takedown or suspension following identification of its malicious use.

Users should remain vigilant and avoid interacting with multiplier-ethena.sbs or any suspicious links resembling this domain. If any credentials or personal information were entered on this site, immediate password changes and monitoring for unauthorized activity are recommended. Employing updated security software and verifying URLs before engagement are crucial steps to reduce exposure to phishing risks like those posed by multiplier-ethena.sbs.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: multiplier-ethena.sbs | 521: Web server is down

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dynadot LLC
- Country: US
- IP: 104.21.70.117
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["brenna.ns.cloudflare.com", "hassan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["alphaMountain.ai", "G-Data", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b3a02-23b9-74bd-922a-7a107d216b5c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8f14c70a-8675-49a3-8fd6-36d8f724d3f0
- PhishDestroy: https://phishdestroy.io/domain/multiplier-ethena.sbs/
- LLM endpoint: https://phishdestroy.io/domain/multiplier-ethena.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/multiplier-ethena.sbs/
Last updated: 2026-03-19