# kulcnilog.webflow.io — MALICIOUS

> kulcnilog.webflow.io is a confirmed Google Trust Services phishing scam. 18/95 VirusTotal vendors flagged this domain. Check the full report.

## Summary
PhishDestroy identifies kulcnilog.webflow.io as an active phishing site leveraging a fraudulent Webflow subdomain to impersonate legitimate Google Trust Services SSL certificates. The domain resolves to IP 104.18.36.248 and displays a valid Google Trust Services certificate, tricking users into believing they are interacting with a secure Google domain. This technique exploits the trust associated with Google’s SSL infrastructure to harvest credentials and sensitive data under false pretenses.  This domain was flagged by OpenPhish and 18 of 95 VirusTotal security vendors. It appears on 1 security blocklist and uses a Google Trust Services SSL certificate to enhance credibility. The domain’s structure mimics legitimate services, exploiting Webflow’s subdomain hosting to bypass traditional domain reputation checks. Security intelligence confirms its elevated risk status, with active redirection or content mirroring known phishing lures.  If you visited kulcnilog.webflow.io, assume your data was compromised. Do not enter credentials or sensitive information on this site. Immediately run a malware scan on your device and change passwords for any accounts that may have been exposed. Report this domain to your IT security team or the platform hosting the phishing content for takedown. Avoid clicking any links from this domain in the future.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/kulcnilog.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/kulcnilog.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/kulcnilog.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kulcnilog.webflow.io/
Last updated: 2026-04-02