# netcoinlogine-network.webflow.io — MALICIOUS > Is netcoinlogine-network.webflow.io safe? Discover why this active phishing site targets your cryptocurrency credentials and how to protect yourself. ## Summary PhishDestroy identifies netcoinlogine-network.webflow.io as a high-risk credential phishing domain designed to deceive users into surrendering sensitive cryptocurrency login information. This threat is critical because attackers can gain unauthorized access to victims' digital wallets and accounts, potentially leading to significant financial losses. Users seeking to secure their crypto assets should be aware that fake login portals like this can appear legitimate, increasing the risk of credential compromise. The domain netcoinlogine-network.webflow.io was registered recently on March 12, 2026. It currently remains active and resolves to the IPv6 address 2606:4700:440c::ac40:9708. VirusTotal flags this domain by 20 out of 95 security vendors, and it appears on at least one security blocklist. The page title, "Netcoins Login - Your Cryptocurrency Network," indicates the attackers aim to impersonate a trusted crypto login platform. The use of Webflow hosting may lend a façade of legitimacy, complicating detection by average users. Users are strongly advised not to enter any credentials on this domain and to verify URLs carefully before logging into any cryptocurrency-related service. Employing multi-factor authentication, regularly updating passwords, and using trusted sources or official apps can reduce the risk of credential theft. If users have interacted with this site, changing passwords immediately and monitoring accounts for suspicious activity is crucial. PhishDestroy continues to monitor this domain for changes in status or additional threat intelligence. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 200) - Page title: Netcoins Login - Your Cryptocurrency Network ## Domain Intelligence - Registered: 2026-03-12 13:07:01 - IP: 2606:4700:440c::ac40:9708 - IP Country: US - IP City: San Francisco - IP Org: AS13335 Cloudflare, Inc. - SSL Issuer: Google Trust Services / WE1 ## Detection Status - VirusTotal: 20 vendors flagged Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "DNS8", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "LevelBlue", "Lionic", "Netcraft", "OpenPhish", "Sophos", "VIPRE", "Webroot"] - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["PhishDestroy"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019cdcef-ebb2-76da-b6ef-17b4c944717c.png - PhishDestroy: https://phishdestroy.io/domain/netcoinlogine-network.webflow.io/ - LLM endpoint: https://phishdestroy.io/domain/netcoinlogine-network.webflow.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/netcoinlogine-network.webflow.io/ Last updated: 2026-03-19