# kquckontlgi.webflow.io — MALICIOUS > kquckontlgi.webflow.io is a phishing site impersonating a login portal. It steals credentials via a fake form hosted on Webflow. ## Summary PhishDestroy identifies kquckontlgi.webflow.io as an active phishing domain hosting a counterfeit login portal designed to harvest user credentials. This site poses an elevated risk due to its ability to deceive victims into submitting sensitive information under false pretenses. The threat type is classified as generic phishing, indicating a broad but targeted attack likely intended for mass credential theft rather than a highly sophisticated spear-phishing campaign. This domain resolves to IP address 172.64.151.8 and is flagged by 20 out of 95 security vendors on VirusTotal, suggesting moderate but widespread recognition as a malicious entity. It operates under Google Trust Services' SSL certificate, which may lend an air of legitimacy to unsuspecting users. While the registrar and creation date are not specified in the available data, the combination of a trusted SSL certificate and its presence on multiple blocklists indicates a well-established but still active threat. The 20/95 detection ratio further implies that while not universally blocked, a significant portion of security tools recognize this domain as malicious and actively block access. To mitigate exposure to this threat, users should immediately avoid interacting with kquckontlgi.webflow.io or any associated links. If credentials were entered, users must reset passwords on all affected accounts and enable multi-factor authentication where possible. Organizations should consider blocking this domain at the network level using updated threat intelligence feeds. Reporting the domain to relevant authorities (e.g., Google Safe Browsing, PhishTank) can aid in broader takedown efforts. Exercise caution with any unsolicited login prompts, especially those hosted on Webflow or other legitimate platforms, as threat actors frequently abuse trusted services to host phishing content. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.64.151.8 ## Detection Status - VirusTotal: 20 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/55198d45-d9da-42ee-a7ae-40f59dce282a - PhishDestroy: https://phishdestroy.io/domain/kquckontlgi.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kquckontlgi.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kquckontlgi.webflow.io/ Last updated: 2026-03-21