# cryytaonlogonnii.webflow.io — MALICIOUS

> Beware of cryytaonlogonnii.webflow.io, an active medium-risk phishing domain. Avoid sharing personal info or clicking unknown links.

## Summary
PhishDestroy identifies cryytaonlogonnii.webflow.io as an active domain linked to generic phishing activities, posing a medium risk to users. Phishing attacks like these attempt to deceive individuals into divulging sensitive data such as login credentials or financial details, which can lead to identity theft or financial loss. Understanding and recognizing such threats is essential for maintaining digital security in today's interconnected environment.

This domain resolves to the IP address 104.18.36.248 and has been flagged by several security vendors, indicating suspicious behavior consistent with phishing campaigns. Hosted on a Webflow.io subdomain, it leverages a legitimate hosting platform often misused by attackers to create convincing fake websites. The detection by multiple sources underscores the potential harm that could arise from interacting with content hosted on this domain.

Users are advised to exercise caution and refrain from clicking on any links associated with cryytaonlogonnii.webflow.io. It is recommended to verify website authenticity before entering any personal or financial information. Employing updated antivirus software and enabling browser phishing filters can provide an extra layer of defense. Reporting suspicious domains like this to cybersecurity authorities helps protect the broader community from falling victim to scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Target brand: Crypto.com
- Page title: Çrypto.com* Login - Sign_In Today Now

## Domain Intelligence
- Registered: 2026-03-07 13:07:01
- Registrar: MarkMonitor, Inc.
- Country: US
- IP: 104.18.36.248
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "ESET", "Emsisoft", "G-Data", "Gridinsoft", "Kaspersky", "Netcraft", "OpenPhish", "Sophos", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/Gvpg5btr/fefbcc6d87ee.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/15f51dac-28ae-4286-b925-6c8931f85fb2
- Wayback Machine: https://web.archive.org/web/https://cryytaonlogonnii.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/cryytaonlogonnii.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/cryytaonlogonnii.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cryytaonlogonnii.webflow.io/
Last updated: 2026-03-19