# kyconnlogon.webflow.io — MALICIOUS > Beware: kyconnlogon.webflow.io is a crypto drainer fake login page. 19/95 engines on VirusTotal flag it. Verify this scam site immediately on PhishDestroy. ## Summary PhishDestroy identifies kyconnlogon.webflow.io as an active generic phishing domain posing a heightened risk to visitors due to its credential-stealing design. The site masquerades as a legitimate login portal to harvest user passwords and session tokens, a common tactic used by threat actors to compromise cryptocurrency wallets and exchange accounts. Analysis confirms this domain is engaged in fraudulent activity with no legitimate business purpose. kyconnlogon.webflow.io exhibits multiple red flags across security telemetry. VirusTotal flags the domain with a score of 19/95 security vendors, indicating broad consensus on its malicious nature. The domain resolves to IP address 172.64.151.8 and is currently blocked by OpenPhish, one of the industry’s most respected threat intelligence feeds. The domain operates under Google Trust Services SSL certificates, which threat actors frequently exploit to appear legitimate. Notably, this domain appears on one security blocklist, suggesting it has been recently added to tracking systems following its discovery. Users encountering this domain should immediately cease interaction and verify its status through PhishDestroy’s real-time threat lookup service. For this specific fake login threat, security teams recommend implementing browser-based protections that can detect and block credential phishing attempts. Organizations should also consider blocking the domain at the network perimeter and conducting employee awareness training focusing on identifying fraudulent login portals. The elevated risk level of this domain demands immediate action to prevent potential credential compromise and subsequent cryptocurrency theft. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.64.151.8 ## Detection Status - VirusTotal: 19 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/3c437e58-c369-4ae0-9cf7-3dbb1b633515 - PhishDestroy: https://phishdestroy.io/domain/kyconnlogon.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/kyconnlogon.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kyconnlogon.webflow.io/ Last updated: 2026-03-29