# crlpto-login.webflow.io — MALICIOUS

> crlpto-login.webflow.io is an active credential phishing site targeting users. Stay alert and avoid entering sensitive information on this domain.

## Summary
PhishDestroy identifies crlpto-login.webflow.io as an active credential phishing domain designed to steal user login details. This poses a high risk to individuals who may unknowingly disclose sensitive credentials.

The domain resolves to IP address 172.64.151.8 and is flagged by 13 out of 95 security vendors on VirusTotal, confirming its malicious intent. It leverages Webflow hosting to imitate legitimate login interfaces.

Users should avoid visiting crlpto-login.webflow.io and never enter personal or login information on suspicious sites. Employ updated security software and verify URLs carefully to mitigate risks associated with this campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Çrypto.com** Login - Sign_In Today‍

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8
- Nameservers: NS_NOT_FOUND

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "LevelBlue", "Netcraft", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d0372-3908-7671-8508-f2cd531f1ffb.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/da7981fb-dd68-46d2-840c-f0b938421528
- PhishDestroy: https://phishdestroy.io/domain/crlpto-login.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/crlpto-login.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/crlpto-login.webflow.io/
Last updated: 2026-03-19