# krkrnin-lgn.webflow.io — MALICIOUS

> Discover why krkrnin-lgn.webflow.io is flagged for phishing. Learn about its risks, infrastructure, and current status to stay protected.

## Summary
PhishDestroy has identified the domain krkrnin-lgn.webflow.io as an active generic phishing threat. This domain is classified as high risk due to its intent to deceive users into divulging sensitive information. The phishing nature was determined based on behavioral patterns and analysis of its hosting and associated infrastructure.

Technically, krkrnin-lgn.webflow.io resolves to the IP address 104.18.36.248. Examination through VirusTotal shows that 16 out of 95 security engines detect this domain as malicious, underscoring its suspicious activity. The domain is hosted on Webflow's platform, which is occasionally abused by threat actors to set up convincing phishing pages. The use of a recognizable webflow.io subdomain aids attackers in evading initial scrutiny by blending into legitimate web services.

Currently, krkrnin-lgn.webflow.io remains active and poses a significant security risk. PhishDestroy advises caution, recommending that users avoid interacting with this domain or providing any personal data. Continuous monitoring is maintained to track any changes in hosting or attack patterns. Security teams should consider blocking access and updating threat intelligence feeds to include this domain to prevent user exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Kraken Crypto Exchange | Buy crypto with peace of mind

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248
- Nameservers: NS_NOT_FOUND

## Detection Status
- VirusTotal: 20 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "LevelBlue", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d0371-fb28-716f-b963-7692e7ee1add.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b77e5b71-c3aa-4e3e-8e02-ae0407cb5311
- PhishDestroy: https://phishdestroy.io/domain/krkrnin-lgn.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/krkrnin-lgn.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krkrnin-lgn.webflow.io/
Last updated: 2026-03-19