# robinhood-loginp.gitbook.io — MALICIOUS

> The domain robinhood-loginp.gitbook.io is hosting credential phishing to steal login data. Avoid the site and stay protected.

## Summary
PhishDestroy identifies robinhood-loginp.gitbook.io as an active credential phishing domain targeting Robinhood users. This threat is critical because it aims to deceive victims into submitting sensitive login credentials, potentially leading to unauthorized account access and financial loss. Users must remain vigilant against such scams.

The domain was registered on March 30, 2014, and is hosted via Cloudflare, Inc, resolving to IP address 104.18.40.47. VirusTotal analysis shows that 10 out of 95 security scanners flag this domain, confirming its malicious nature. The use of a popular service like GitBook helps the attackers blend in, increasing the risk of successful credential theft.

Users should avoid visiting robinhood-loginp.gitbook.io and never enter personal information on this site. It is recommended to verify URLs carefully, enable two-factor authentication on Robinhood accounts, and report suspicious sites to security teams or platforms like PhishDestroy. Staying cautious is essential to prevent falling victim to this active phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Target brand: Robinhood
- Page title: Róbinhood Login - Login To My Account

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: Cloudflare, Inc
- Country: US
- IP: 104.18.40.47
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dahlia.ns.cloudflare.com hugh.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content
- Meta title: Róbinhood Login - Login To My Account

### Page Text
Róbinhood Login - Login To My Account Róbinhood Login - Login To My Account ⌘ Ctrl k Róbinhood Login - Login To My Account Róbinhood Login - Login To My Account Powered by GitBook On this page Copy Róbinhood Login - Login To My Account

### External Scripts
- https://static-2c.gitbook.com/_next/static/chunks/87c73c54-095cf9a90cf9ee03.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/21902-071d67c25a3198c5.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/main-app-95dfd8d3dd2e941a.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/app/global-error-8fffda4f93bd8922.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/f5718501-8545f65f56dd58ef.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/9071f66d-6845f9ef16b3a69b.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/28728-db690aa75c5b02e4.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/30290-582ca1f5a0cb4ca8.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/59290-abc179ef89159efb.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884
- https://static-2c.gitbook.com/_next/static/chunks/32172-ef933005f6ef589b.js?dpl=6c613d0df35a4381e557621982faeeb0f25a5884

### External Links
- https://www.gitbook.com/?utm_source=content&amp;utm_medium=trademark&amp;utm_campaign=uYVcz7Jd8Qgd35NdYoH0
- https://gitbook.com/docs/published-documentation/custom-domain/configure-dns#are-you-using-cloudflare

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc286-2634-7528-bd96-951b64bfb11f.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/robinhood-loginp.gitbook.io
- Wayback Machine: https://web.archive.org/web/https://robinhood-loginp.gitbook.io
- PhishDestroy: https://phishdestroy.io/domain/robinhood-loginp.gitbook.io/
- LLM endpoint: https://phishdestroy.io/domain/robinhood-loginp.gitbook.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/robinhood-loginp.gitbook.io/
Last updated: 2026-03-16