# itrjustcpitllogin.webflow.io — MALICIOUS

> PhishDestroy identifies itrjustcpitllogin.webflow.io as a credential phishing site. 12 out of 95 security vendors flagged it.

## Summary
PhishDestroy confirms that itrjustcpitllogin.webflow.io is a live credential phishing site designed to steal login details. Visitors are tricked into entering usernames and passwords that are immediately harvested by the operators. The page mimics a legitimate login portal, typically targeting corporate or service-provider credentials, and may lead to account takeovers, financial fraud, or further malware delivery. Do not enter any information on this site—assume it is compromised.

This domain was flagged by PhishDestroy after VirusTotal reported 12 of 95 security vendors marked it malicious. The site uses a Google Trust Services SSL certificate to appear legitimate and resolves to IP 104.18.36.248. Active since at least the detection window, the domain is hosted on Webflow and uses a deceptive subdomain to impersonate an official portal. The registrar and creation date are not disclosed in public records, suggesting possible anonymization to evade takedown efforts.

If you visited itrjustcpitllogin.webflow.io, immediately change passwords for any accounts you entered credentials into and enable two-factor authentication. Scan your device for malware using trusted antivirus software. Report the incident to your IT team or security provider and avoid clicking links related to this domain. Monitor financial accounts for suspicious transactions. Forward indicators (URL, IP, screenshots) to PhishDestroy for further analysis and blacklisting.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d6089079-75ba-451b-997f-39e413234342
- PhishDestroy: https://phishdestroy.io/domain/itrjustcpitllogin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/itrjustcpitllogin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/itrjustcpitllogin.webflow.io/
Last updated: 2026-03-29