# tradestations.info — MALICIOUS

> Discover the phishing risks tied to tradestations.info. Learn why this domain was flagged and taken offline to protect users from fraud.

## Summary
PhishDestroy has identified tradestations.info as a high-risk phishing domain designed to deceive users by mimicking legitimate financial or trading platforms. Classified under generic phishing threats, this domain attempts to harvest sensitive information from unsuspecting victims by presenting itself as 'Tradestations'. The domain's creation date, March 04, 2026, and its suspicious behavior triggered immediate scrutiny from cybersecurity analysts.

Technical analysis reveals that tradestations.info resolves to the IP address 198.251.88.6, which is linked to multiple malicious activities. The domain is registered through TuringSign Inc. d/b/a Cosmotown, a registrar known for hosting suspicious sites. Additionally, the domain is listed on three security blocklists, reflecting consensus across multiple threat intelligence sources. The Gridinsoft trust score of 0/100 further corroborates its untrustworthy status. VirusTotal flagged this domain by 12 out of 95 security vendors, indicating a significant detection rate among reputable scanners.

Following detection, tradestations.info was taken offline to mitigate further harm. PhishDestroy recommends users avoid interacting with any content associated with this domain. The swift takedown demonstrates effective coordination between threat intelligence communities and hosting providers to disrupt phishing campaigns. Continued vigilance is advised for domains registered through similar channels and exhibiting comparable technical footprints.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Tradestations

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- Registrar: TuringSign Inc. d/b/a Cosmotown
- Country: US
- IP: 198.251.88.6
- IP Country: US
- IP City: Cheyenne
- IP Org: AS53667 FranTech Solutions
- Nameservers: ["ns1.asurahosting.com", "ns2.asurahosting.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CRDF", "CyRadar", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cba09-a3d2-76bd-ae5e-7349fb04c885.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/92548207-8e7c-4942-90bf-ce157b53f3a8
- Wayback Machine: https://web.archive.org/web/https://tradestations.info
- PhishDestroy: https://phishdestroy.io/domain/tradestations.info/
- LLM endpoint: https://phishdestroy.io/domain/tradestations.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tradestations.info/
Last updated: 2026-03-19