# sec-i--itrustcapitall---authh.webflow.io — MALICIOUS

> PhishDestroy identifies sec-i--itrustcapitall---authh.webflow.io as a fake IT services login portal hosting a credential-stealing phishing page.

## Summary
PhishDestroy identifies sec-i--itrustcapitall---authh.webflow.io as an elevated-risk domain engaged in generic phishing. The page masquerades as a legitimate IT services authentication portal to harvest user login credentials and sensitive data.  This domain presents a significant threat by mimicking a corporate login interface. VirusTotal confirms 11 out of 95 security vendors flag this page as malicious, indicating widespread detection. The domain resolves to IP address 172.64.151.8 using a Google Trust Services SSL certificate, which may lend false legitimacy. Although no registrar or creation date is publicly listed for this Webflow.io subdomain, the presence of an active SSL certificate suggests recent deployment designed to evade suspicion. Multiple blocklists and threat intelligence feeds have flagged this domain, reinforcing its malicious intent.  Users are advised to avoid accessing this domain and verify any unexpected login prompts by contacting the organization through official channels. Never input credentials or sensitive information into untrusted web forms, especially those hosted on third-party platforms like Webflow without prior verification. Organizations should implement web filtering rules to block access to sec-i--itrustcapitall---authh.webflow.io and similar suspicious subdomains. If a login page appears suddenly or unexpectedly, verify its authenticity via known, secure endpoints. Report such incidents to security teams immediately to prevent credential theft and potential account compromise

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/fe7636e8-c2bc-47c2-8ea0-2dea9059fee0
- PhishDestroy: https://phishdestroy.io/domain/sec-i--itrustcapitall---authh.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/sec-i--itrustcapitall---authh.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sec-i--itrustcapitall---authh.webflow.io/
Last updated: 2026-03-29