# updatedreviseddocumentdocusign.appwrite.network — MALICIOUS

> updatedreviseddocumentdocusign.appwrite.network is a high-risk phishing site. Avoid entering credentials and stay vigilant to protect your data.

## Summary
PhishDestroy identifies updatedreviseddocumentdocusign.appwrite.network as a high-risk credential phishing domain impersonating DocuSign. This domain aims to steal sensitive user credentials through deceptive tactics.

The domain was registered via GoDaddy.com, LLC in February 2026 and is associated with IP address 151.101.131.52. It appears on a security blocklist and is flagged by 22 out of 95 VirusTotal security vendors, confirming its malicious intent.

Currently, the domain is offline with deployment blocked, reducing immediate risk. Users should avoid interacting with this domain and report suspicious emails containing links to it. Continuous monitoring is advised to prevent credential theft.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Deployment blocked

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: GoDaddy.com, LLC
- Country: US
- IP: 151.101.131.52
- IP Org: Cloudflare CDN
- Nameservers: ["fastly.appwrite.systems"]
- SSL Issuer: Certainly / Certainly Intermediate R1

## Detection Status
- VirusTotal: 22 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "Certego", "Cluster25", "CRDF", "CyRadar", "Ermes", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "SOCRadar", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c7204-0b9a-713d-b5cc-2a18503d72bc.png
- PhishDestroy: https://phishdestroy.io/domain/updatedreviseddocumentdocusign.appwrite.network/
- LLM endpoint: https://phishdestroy.io/domain/updatedreviseddocumentdocusign.appwrite.network/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/updatedreviseddocumentdocusign.appwrite.network/
Last updated: 2026-03-19