# verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io — MALICIOUS

> Warning: verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io is actively engaged in phishing. Avoid interaction and block this domain immediately.

## Summary
PhishDestroy has identified verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io as a high-risk phishing domain. Classified under generic phishing threats, this domain attempts to deceive victims through social engineering tactics, as corroborated by Google's Safe Browsing service which flags it for SOCIAL_ENGINEERING. The domain leverages the Webflow.io hosting platform, often abused by attackers for quick deployment of malicious sites.

Technical analysis reveals that verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io resolves to the IP address 172.64.151.8, a range known to be associated with content delivery networks but also misused by threat actors. VirusTotal scans indicate that 14 out of 95 security vendors detect malicious activity on this domain, further underscoring its credibility as a phishing source. These combined indicators reflect a robust infrastructure designed to evade detection while gathering sensitive user information.

Currently, the domain remains active and continues to pose a serious risk to users. PhishDestroy advises organizations and end users to block access to verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io and to stay vigilant against phishing attempts originating from this source. Continuous monitoring and immediate mitigation actions are recommended to prevent credential compromise and financial loss associated with this threat vector.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 403)

## Domain Intelligence
- IP: 172.64.151.8
- Nameservers: NS_NOT_FOUND

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["BitDefender", "CyRadar", "ESET", "Emsisoft", "G-Data", "Google Safebrowsing", "Gridinsoft", "LevelBlue", "Lionic", "Netcraft", "Phishtank", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cf922-0c32-768b-81a6-2ac26cc1974a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/d4b9fe1d-e85d-4787-9c21-ea7ed8a14abd
- PhishDestroy: https://phishdestroy.io/domain/verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/verifier2489i5jtpwlsfjkjjjfhs-5-y527165.webflow.io/
Last updated: 2026-03-19