# karakenlogine.webflow.io — SUSPICIOUS

> karakenlogine.webflow.io impersonates Kraken for phishing. Domain is offline but awareness remains key. Stay vigilant and verify URLs.

## Summary
PhishDestroy has identified karakenlogine.webflow.io as a medium-risk brand impersonation domain targeting Kraken, a well-known cryptocurrency exchange. The domain’s page title, "Kraken's Portal: Your Gateway to Crypto Adventures Awaits!", was designed to lure users into believing they were interacting with the legitimate Kraken platform. This classification stems from the domain’s clear attempt to leverage Kraken’s brand reputation for malicious purposes.

Technical analysis reveals that karakenlogine.webflow.io resolved to IP address 104.18.36.248 and was created on March 4, 2026. The domain was registered through MarkMonitor, Inc., a commonly used registrar for brand protection but also exploited by threat actors. It appeared on two security blocklists, and VirusTotal flagged it by 4 out of 95 participating security vendors, indicating some recognition of its suspicious nature. The use of Webflow hosting suggests a sophisticated approach to quickly deploy authentic-looking phishing content.

Currently, karakenlogine.webflow.io is taken offline, reducing immediate risk. Despite this, PhishDestroy emphasizes the ongoing threat posed by such lookalike domains, especially as they can temporarily deceive users into divulging sensitive information. Users are urged to remain cautious, verify domain authenticity carefully, and report suspicious URLs impersonating Kraken or other brands to help reduce phishing risks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 404)
- Target brand: Kraken
- Page title: Kraken's Portal: Your Gateway to Crypto Adventures Awaits!

## Domain Intelligence
- Registered: 2026-03-04 23:07:01
- Registrar: MarkMonitor, Inc.
- Country: US
- IP: 104.18.36.248
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "Kaspersky", "Trustwave"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/JwH7jc1H/3e880a8f3046.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/karakenlogine.webflow.io
- Wayback Machine: https://web.archive.org/web/https://karakenlogine.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/karakenlogine.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/karakenlogine.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/karakenlogine.webflow.io/
Last updated: 2026-03-19