# cnsqarrlogxn.webflow.io — MALICIOUS > cnsqarrlogxn.webflow.io hosts a fake login scam flagged by 18/95 VirusTotal vendors. Verify threats on PhishDestroy to stay protected. ## Summary PhishDestroy identifies cnsqarrlogxn.webflow.io as an active phishing domain involved in a generic phishing threat, specifically employing fake login tactics to deceive users. This domain does not impersonate a particular brand but aims to harvest sensitive credentials through fraudulent login pages. The elevated risk level assigned to this domain reflects its potential to compromise user security. According to VirusTotal, 18 out of 95 security vendors have flagged cnsqarrlogxn.webflow.io as malicious. The domain resolves to the IP address 172.64.151.8 and is registered under the registrar Webflow, Inc. It holds a valid SSL certificate issued by Google Trust Services, which may lend it unwarranted credibility. The domain appears on one security blocklist and is specifically blocked by OpenPhish, a recognized phishing intelligence provider. These technical indicators collectively suggest a well-constructed phishing setup designed to bypass basic security filters. Currently, cnsqarrlogxn.webflow.io remains active and poses an elevated threat to users who encounter it. It is recommended that individuals avoid interacting with this domain and refrain from entering any personal or login information. Security professionals should ensure this domain is blocked at network levels and monitor for any phishing campaigns leveraging this URL. Users are advised to verify any suspicious domains through trusted resources like PhishDestroy before engaging. Continuous vigilance and prompt reporting can mitigate the risks associated with this phishing domain. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.64.151.8 ## Detection Status - VirusTotal: 18 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/01f265a6-a9f8-4569-a0f1-0ad3974dee79 - PhishDestroy: https://phishdestroy.io/domain/cnsqarrlogxn.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/cnsqarrlogxn.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/cnsqarrlogxn.webflow.io/ Last updated: 2026-03-29