# docu-sign.app — SUSPICIOUS

> docu-sign.app shows low-risk phishing behavior. Stay vigilant and avoid sharing sensitive info. Check PhishDestroy for updates and protect yourself now.

## Summary
PhishDestroy identifies docu-sign.app as a low-risk phishing domain designed to deceive users with generic phishing tactics.

The domain resolves to IP 188.114.96.3 and is flagged by a single security vendor on VirusTotal, indicating limited but credible suspicion. Its name mimics legitimate electronic signature services, increasing its potential for user confusion.

Users should avoid interacting with docu-sign.app or submitting personal data. The domain remains active, and vigilance is advised while PhishDestroy monitors its status.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: Nur einen Moment…

## Domain Intelligence
- Registered: 2026-03-06 15:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["naya.ns.cloudflare.com", "vasilii.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/HLWHhfWP/48788c205342.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/docu-sign.app
- Wayback Machine: https://web.archive.org/web/https://docu-sign.app
- PhishDestroy: https://phishdestroy.io/domain/docu-sign.app/
- LLM endpoint: https://phishdestroy.io/domain/docu-sign.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/docu-sign.app/
Last updated: 2026-03-19