# login.workshopcommunityhubs.com — MALICIOUS

> Avoid login.workshopcommunityhubs.com—this high-risk phishing domain targets your login details. The site has been taken offline for your safety.

## Summary
PhishDestroy identifies login.workshopcommunityhubs.com as a high-risk credential phishing domain designed to steal user login information. The site was created recently on March 11, 2026, and it mimics legitimate login portals, as indicated by its page title 'Connexion.' This deceptive tactic aims to trick users into submitting sensitive credentials.

Supporting intelligence reveals that this domain was registered through Global Domain Group LLC and resolves to the IP address 188.114.96.3. The domain is flagged on one security blocklist and detected by 17 out of 95 VirusTotal security vendors, underscoring its malicious intent and reinforcing the necessity to treat it as a serious threat. Its infrastructure and registration details align with typical phishing campaigns designed to exploit unsuspecting users.

Currently, login.workshopcommunityhubs.com has been taken offline, mitigating the immediate risk to users. However, PhishDestroy advises continued vigilance against similar phishing attempts. Users should avoid interacting with suspicious links and verify URLs carefully before entering credentials. Employing up-to-date security solutions and monitoring blocklists can help prevent exposure to this and related phishing threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Connexion

## Domain Intelligence
- Registered: 2026-03-11 03:07:02
- Registrar: Global Domain Group LLC
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: kai.ns.cloudflare.com reza.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 17 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CRDF", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Netcraft", "SOCRadar", "Sophos", "URLQuery", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cda8f-bc7c-76bf-8c5a-3fac758e6d6a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/955fdfb1-b897-422e-928c-3e0315112445
- PhishDestroy: https://phishdestroy.io/domain/login.workshopcommunityhubs.com/
- LLM endpoint: https://phishdestroy.io/domain/login.workshopcommunityhubs.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/login.workshopcommunityhubs.com/
Last updated: 2026-03-19