# caddyflow-webflow-agency-airbnb.webflow.io — MALICIOUS > caddyflow-webflow-agency-airbnb.webflow.io impersonates Airbnb to steal credentials; 13 of 95 security vendors flag this fraudulent Webflow domain. ## Summary PhishDestroy identifies caddyflow-webflow-agency-airbnb.webflow.io as an active Airbnb-themed phishing domain designed to harvest login credentials and payment data under the guise of a legitimate agency. The site masquerades as a Webflow-based marketing agency claiming Airbnb partnerships, leveraging compromised branding and social-engineering tactics to trick users into entering sensitive information. No known drainer kit artifacts are publicly documented, but the page likely hosts a spoofed login portal or credential harvesting form. This domain resolves to IP 172.64.151.8 and carries a Google Trust Services SSL certificate, increasing its perceived legitimacy. VirusTotal analysis confirms elevated risk with 13 out of 95 security vendors flagging the domain. Registrar data is obscured via Cloudflare, and the domain’s creation date remains recent, suggesting opportunistic deployment. The site has not been listed on Google Safe Browsing (GSB) at time of writing, and blocklist aggregation indicates partial detection across multiple threat intelligence platforms. As of current assessment, caddyflow-webflow-agency-airbnb.webflow.io remains active and unblocked by major browsers or hosting providers. Immediate user action includes avoidance, reporting to Airbnb and Webflow abuse channels, and domain-level blocking at network or DNS layers. Despite partial vendor detection, the site remains operational with elevated risk potential. Users who may have interacted should revoke any entered credentials, monitor financial accounts, and report phishing attempts to relevant authorities. Remaining risk is classified as elevated due to active hosting, partial detection gaps, and impersonation of a trusted brand. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.64.151.8 ## Detection Status - VirusTotal: 13 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/5df558ff-21b2-4f08-b146-ec6cbd256470 - PhishDestroy: https://phishdestroy.io/domain/caddyflow-webflow-agency-airbnb.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/caddyflow-webflow-agency-airbnb.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/caddyflow-webflow-agency-airbnb.webflow.io/ Last updated: 2026-03-21