# cukoienlogeuin.webflow.io — MALICIOUS

> PhishDestroy identifies cukoienlogeuin.webflow.io as a credential theft phishing domain. 16/95 security vendors flag this scam.

## Summary
PhishDestroy identifies cukoienlogeuin.webflow.io as an active credential theft phishing campaign operating under an elevated risk classification. The domain is hosted on Webflow’s free subdomain service and is designed to mimic legitimate login portals to harvest user credentials. This tactic is commonly used to gain unauthorized access to accounts, enabling further exploitation such as financial fraud or identity theft. Given the active status and elevated threat rating, users interacting with this domain face a significant risk of credential compromise.  

 This domain was flagged by 16 out of 95 VirusTotal security vendors, indicating substantial detection across multiple threat intelligence platforms. It resolves to IP address 104.18.36.248, which is associated with Cloudflare’s infrastructure, and uses an SSL certificate issued by Google Trust Services. While the SSL certificate may appear legitimate, it is being abused to lend false credibility to the phishing page. The domain is a subdomain of webflow.io, which does not inherently indicate malicious intent but is frequently exploited in phishing campaigns due to its accessibility and low barrier to creation.  

 To mitigate risk, avoid entering any credentials or sensitive information on this domain. If you have already interacted with this page, immediately change passwords for all accounts where the same credentials may have been used. Report the domain to your security team or through phishing reporting channels. Use updated browser security features, such as Safe Browsing protections or DNS filtering, to block access to this domain. Always verify URLs manually and avoid clicking links from unsolicited emails or messages.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/bbfb5935-42c2-4db2-ab1f-e14994d7077b
- PhishDestroy: https://phishdestroy.io/domain/cukoienlogeuin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/cukoienlogeuin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cukoienlogeuin.webflow.io/
Last updated: 2026-03-22