# hub0g.signinpath.com — SUSPICIOUS

> hub0g.signinpath.com is a live credential phishing domain flagged by 3 of 95 VirusTotal vendors. This Squarespace-registered site resolves to 185.93.89.

## Summary
PhishDestroy identifies hub0g.signinpath.com as an active credential-phishing domain impersonating a legitimate sign-in service.

This domain was flagged by 3 of 95 VirusTotal vendors, registered through Squarespace Domains II LLC, and resolves to IP 185.93.89.91. The domain hub0g.signinpath.com was created on January 19, 2026, and currently shows no evidence of takedown or remediation.

Given its low but measurable detection rate, the domain’s recent creation, and its use of a free Let’s Encrypt SSL certificate to appear legitimate, hub0g.signinpath.com poses an elevated risk to users who may confuse it for an official service. Defensive actions include blocking the domain at DNS and firewall levels, flagging any associated IP (185.93.89.91), and warning users not to enter credentials on any signinpath.com subdomain. Organizations are advised to update blocklists immediately and monitor for internal DNS resolution attempts to this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-19 07:38:18
- Registrar: Squarespace Domains II LLC
- IP: 185.93.89.91

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/aa7065f4-4417-4886-8175-0e1b6959106e
- PhishDestroy: https://phishdestroy.io/domain/hub0g.signinpath.com/
- LLM endpoint: https://phishdestroy.io/domain/hub0g.signinpath.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/hub0g.signinpath.com/
Last updated: 2026-03-23