# kuquoinligenus.webflow.io — MALICIOUS > Domain kuquoinligenus.webflow.io serves as a credential harvesting page with 12/95 detections from security vendors. ## Summary PhishDestroy identifies kuquoinligenus.webflow.io as an active credential harvesting domain posing a significant threat through generic phishing tactics. This domain leverages the legitimate Webflow.io hosting platform to impersonate a financial or service-related portal, tricking users into entering credentials that are immediately exfiltrated to attacker-controlled systems. This domain was flagged by 12 of 95 VirusTotal security vendors, indicating a high detection rate among industry tools. Hosted on IP 172.64.151.8 with a Google Trust Services SSL certificate, it presents a veneer of legitimacy to evade basic detection mechanisms. While the exact registrar and creation date remain unverified in public records, the domain’s association with Webflow.io—a platform known for legitimate web development—highlights the effectiveness of abusing trusted services in phishing campaigns. Further, the low but concerning detection rate suggests this domain may have flown under the radar for some time, increasing its potential impact. If users have interacted with kuquoinligenus.webflow.io, they should immediately reset passwords for any accounts where credentials may have been entered and enable multifactor authentication where available. Avoid visiting the domain entirely and report it to your organization’s SOC or security team for immediate takedown actions. Users should verify the legitimacy of any unexpected login prompts by directly accessing the official website through a known, trusted URL—never via links received through email, SMS, or other unsolicited communications. Additionally, monitor financial accounts and enable transaction alerts to detect any unauthorized activity resulting from credential compromise. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.64.151.8 ## Detection Status - VirusTotal: 12 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/c3bed36b-9039-44f3-a3bf-f0c773fdadcf - PhishDestroy: https://phishdestroy.io/domain/kuquoinligenus.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kuquoinligenus.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kuquoinligenus.webflow.io/ Last updated: 2026-03-26