# kocuinloginu.webflow.io — MALICIOUS

> kocuinloginu.webflow.io is a dangerous credential phishing site. Avoid entering info. Act now to protect your accounts.

## Summary
PhishDestroy identifies kocuinloginu.webflow.io as a high-risk credential phishing domain designed to steal login details. This site poses a serious threat to personal and financial security.

The phishing attack works by mimicking legitimate login pages, tricking users into submitting their usernames and passwords. Once credentials are entered, attackers can access sensitive accounts and data.

If you visited kocuinloginu.webflow.io and entered any information, immediately change your passwords and enable two-factor authentication. Monitor your accounts for suspicious activity and report the incident to your service providers.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: KuCoin Login Guide | Step-by-Step Access to Your Exchange

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: MarkMonitor, Inc.
- Country: US
- IP: 172.64.151.8
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content
- Meta description: Follow our step-by-step KuCoin login guide for a secure and convenient way to manage your cryptocurrency investments.

### Page Text
KuCoin Login Guide | Step-by-Step Access to Your Exchange

### External Scripts
- https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64f964f8e02b05b13f993d47
- https://cdn.prod.website-files.com/64f964f8e02b05b13f993d47/js/webflow.24a563ff7.js

### External Links
- https://paticableharent.com/5fd4995b-fc71-4544-b270-b23c7f1dbcd9

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc286-1e50-74ab-891a-e0f8211de708.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/kocuinloginu.webflow.io
- Wayback Machine: https://web.archive.org/web/https://kocuinloginu.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/kocuinloginu.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/kocuinloginu.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kocuinloginu.webflow.io/
Last updated: 2026-03-16