# itrrustcaptllogin.webflow.io — MALICIOUS > itrrustcaptllogin.webflow.io is flagged as a high-risk credential phishing site. Learn why it's dangerous and how to protect your login info now. ## Summary PhishDestroy identifies itrrustcaptllogin.webflow.io as a high-risk credential phishing domain designed to steal sensitive login information. Users encountering this site face significant danger because it mimics legitimate login pages to trick visitors into submitting their usernames, passwords, and other private credentials. Falling victim to such scams can lead to unauthorized access, identity theft, and financial loss. This phishing scheme works by presenting a fake login interface hosted on Webflow’s platform, resolving to IP address 104.18.36.248. The domain name closely resembles trusted services, making it easy for users to be deceived. Once credentials are entered, they are captured by attackers for malicious use. The site remains active and has been flagged by 20 out of 95 security vendors on VirusTotal, underscoring its ongoing threat and widespread recognition by cybersecurity tools. If you have visited itrrustcaptllogin.webflow.io, it is critical to immediately change any passwords that you may have entered on this site, especially if they are reused on other platforms. Monitor your accounts for unusual activity and consider enabling multi-factor authentication for added protection. Reporting the domain to your security teams or using platforms like PhishDestroy can help block this threat for others. Staying vigilant and verifying URL authenticity before entering credentials is essential to avoid falling prey to similar scams. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 200) - Page title: iTrustCapital Login: Access Your Self-Directed IRA Account ## Domain Intelligence - Registered: 2026-03-04 15:07:01 - Registrar: MarkMonitor, Inc. - IP: 104.18.36.248 - Nameservers: NS_NOT_FOUND ## Detection Status - VirusTotal: 19 vendors flagged Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "VIPRE", "Webroot"] - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["PhishDestroy"] ## Live Page Content ### Page Text iTrustCapital Login: Access Your Self-Directed IRA Account ITrustCapital Login. iTrustCapital is a self-directed IRA provider that gives you the opportunity to invest in cryptocurrencies, gold and silver through your retirement … ### External Scripts - https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64f6d6f4ec125865b4d5a339 - https://cdn.prod.website-files.com/64f6d6f4ec125865b4d5a339/js/webflow.24a563ff7.js ### External Links - https://gtly.to/P520M_wC6 ## Evidence - Screenshot: https://urlscan.io/screenshots/019cb900-1d60-75d4-ba44-d7dccbd707b8.png - Cloudflare Radar: https://radar.cloudflare.com/scan/df1b7898-4316-4f89-8fdd-8ab74fb92fd8 - PhishDestroy: https://phishdestroy.io/domain/itrrustcaptllogin.webflow.io/ ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/itrrustcaptllogin.webflow.io/ Last updated: 2026-03-14