# kucoinloginju.webflow.io — MALICIOUS

> Warning: kucoinloginju.webflow.io is a high-risk phishing site targeting credentials. Avoid interaction and verify URLs carefully before entering sensitive data.

## Summary
PhishDestroy identifies kucoinloginju.webflow.io as an active credential phishing domain designed to deceive users into submitting sensitive login information. This threat poses a significant risk to users attempting to access legitimate KuCoin services, potentially leading to account compromise and financial loss.

The domain kucoinloginju.webflow.io resolves to the IP address 104.18.36.248 and is hosted on infrastructure commonly associated with Webflow, a platform often abused for phishing due to ease of site creation. VirusTotal analysis flags this domain by 16 out of 95 security vendors, confirming its malicious intent and reinforcing the credibility of the threat assessment.

Currently, kucoinloginju.webflow.io remains active and poses an ongoing danger to users. PhishDestroy strongly advises against interacting with this domain or providing any credentials. Users should verify URLs carefully, enable two-factor authentication on their accounts, and report suspicious sites to appropriate authorities to mitigate risks associated with this phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Creating a KuCoin  login Account

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248
- Nameservers: NS_NOT_FOUND

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "LevelBlue", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d0372-c0cc-721d-bd1f-598029a9d90f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/c16ffed3-b8eb-40dd-ae0d-8cc55c6f3ef6
- PhishDestroy: https://phishdestroy.io/domain/kucoinloginju.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/kucoinloginju.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kucoinloginju.webflow.io/
Last updated: 2026-03-19