# kukohinlogon.webflow.io — MALICIOUS > kukohinlogon.webflow.io hosts a fake login scam flagged by 17/95 VirusTotal engines. Users should verify safety on PhishDestroy before proceeding. ## Summary kukohinlogon.webflow.io is actively involved in a phishing scheme designed to steal user credentials by mimicking legitimate login portals. This domain specifically facilitates fake login attempts, where unsuspecting users are tricked into submitting sensitive information such as usernames and passwords. The purpose of this threat is to harvest login data for malicious use, which can lead to unauthorized access to user accounts and potential identity theft. The domain kukohinlogon.webflow.io has been flagged by 17 out of 95 security vendors on VirusTotal, highlighting substantial consensus on its malicious nature. It appears on 1 security blocklist and is currently blocked by OpenPhish, a widely respected phishing threat intelligence platform. The domain uses an SSL certificate issued by Google Trust Services, which may lend it a deceptive appearance of legitimacy. The domain resolves to the IP address 104.18.36.248 and is hosted on the Webflow platform, a common choice for hosting phishing sites due to its ease of use and availability. These technical indicators collectively affirm the elevated risk level associated with this domain. Users who have visited kukohinlogon.webflow.io should immediately review their online accounts for any unauthorized activity, especially if credentials were entered. It is strongly advised to change passwords and enable multi-factor authentication where possible. Users should also run updated antivirus and anti-malware scans on their devices to rule out any secondary infections. Always verify the legitimacy of login pages via trusted sources such as PhishDestroy before entering sensitive information. Remaining vigilant and promptly responding to potential compromise can mitigate the damage inflicted by this credential theft threat. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 104.18.36.248 ## Detection Status - VirusTotal: 17 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/6f7da671-65dd-4c0e-8619-7f2ea7088199 - PhishDestroy: https://phishdestroy.io/domain/kukohinlogon.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kukohinlogon.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kukohinlogon.webflow.io/ Last updated: 2026-04-12