# com-itm.cx — SUSPICIOUS

> The domain com-itm.cx was linked to phishing but is now offline. Avoid interacting with it to stay safe from potential scams or data theft.

## Summary
PhishDestroy classifies com-itm.cx as a low-risk generic phishing domain. While the threat level is currently assessed as low, the site was designed to deceive users, potentially aiming to steal sensitive information through fraudulent means.

Evidence supporting this classification includes the domain's registration through CentralNic Ltd and its presence on three separate security blocklists. The domain was flagged by 2 out of 95 security vendors on VirusTotal, indicating limited detection but enough to warrant caution. It resolved to the IP 104.21.56.209 and carried a Gridinsoft trust score of 0 out of 100, further suggesting malicious intent. Notably, the domain was created recently on February 21, 2026, and the hosted page showed a Cloudflare challenge, which sometimes is used to obscure malicious activity.

Currently, com-itm.cx is offline and no longer resolving, reducing immediate risk to users. PhishDestroy recommends users avoid any interaction with this domain or similar URLs and maintain updated security software. Continued monitoring is advised for domains with similar characteristics to prevent exploitation. Users should remain vigilant against phishing attempts and report suspicious domains promptly.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Attention Required! | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: CentralNic Ltd
- Country: GB
- IP: 104.21.56.209
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["treasure.ns.cloudflare.com", "ganz.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bab88-b433-73b8-a0fe-fb621bfeafbe.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2a6ec047-e711-422d-9659-401383341350
- PhishDestroy: https://phishdestroy.io/domain/com-itm.cx/
- LLM endpoint: https://phishdestroy.io/domain/com-itm.cx/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/com-itm.cx/
Last updated: 2026-03-19