# secure-so-blockfi-io-cdn.webflow.io — MALICIOUS

> PhishDestroy warns about secure-so-blockfi-io-cdn.webflow.io, a BlockFi impersonation site stealing crypto via fake logins.

## Summary
PhishDestroy identifies secure-so-blockfi-io-cdn.webflow.io as an active credential phishing domain posing an elevated risk to users. This site impersonates BlockFi’s official services to harvest login credentials and drain cryptocurrency wallets, a tactic known as a crypto drainer. Users attempting to access BlockFi through this domain risk unauthorized asset transfers and identity theft.


This domain was flagged by PhishDestroy with 14 out of 95 security vendors on VirusTotal detecting malicious activity. The domain resolves to IP address 172.64.151.8 and leverages a Google Trust Services SSL certificate to appear legitimate. While detailed creation date and registrar data are not publicly accessible due to the use of Webflow.io as a subdomain host, the domain’s low trust score and multiple detections across security platforms highlight its malicious intent. The presence of 14/95 detections on VirusTotal, combined with the absence from major allowlists, confirms its classification as a credential phishing vector targeting BlockFi users.


To mitigate risk, PhishDestroy recommends verifying any BlockFi-related link using official channels only. Never enter credentials or financial information into login forms reached via unsolicited emails or third-party domains. Use a password manager to auto-fill login details only on verified domains. If exposed, immediately revoke session access, change passwords using a clean device, and contact BlockFi support using official contact methods. Always confirm site legitimacy by checking the URL in your browser’s address bar and ensuring HTTPS encryption with a valid certificate issued to the official domain. Report suspicious domains to PhishDestroy for further analysis and community protection.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2b88b466-1319-4cef-990e-311b5c85902c
- PhishDestroy: https://phishdestroy.io/domain/secure-so-blockfi-io-cdn.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/secure-so-blockfi-io-cdn.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/secure-so-blockfi-io-cdn.webflow.io/
Last updated: 2026-03-22