# kuckeen-lginus.webflow.io — SUSPICIOUS > kuckeen-lginus.webflow.io hosts a Google Trust Services phishing page. VirusTotal scores 0/95 — check the full report now. ## Summary PhishDestroy identifies a live phishing page hosted on kuckeen-lginus.webflow.io that impersonates Google Trust Services in order to harvest account credentials. The site’s SSL certificate is issued by Google Trust Services, lending visual credibility to its fake login portal and increasing the risk of successful deception. Visitors who enter credentials are immediately exposed to credential theft and potential multi-factor authentication bypass attacks by the threat actor behind this domain. This domain was flagged with zero detections out of 95 VirusTotal engines as of seed 351503, indicating it has evaded current signature-based detection layers. Infrastructure analysis shows the site resolves to IP 104.18.36.248 via Cloudflare, a common bullet-proof hosting provider abused for short-lived phishing campaigns. Historical pivoting on domain records does not reveal a public creation date, but the active status remains under continuous investigation by multiple threat-intelligence teams. Users who have already visited kuckeen-lginus.webflow.io should assume their credentials were compromised if any were entered. Immediately rotate passwords and enable hardware-based second factors for all associated accounts. Run a full antivirus scan and check recent sign-in logs for suspicious activity. Report the incident to your security team and the legitimate brand being impersonated. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 104.18.36.248 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/kuckeen-lginus.webflow.io - PhishDestroy: https://phishdestroy.io/domain/kuckeen-lginus.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kuckeen-lginus.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kuckeen-lginus.webflow.io/ Last updated: 2026-04-04