# netcoinslogi-shop.webflow.io — MALICIOUS

> netcoinslogi-shop.webflow.io is a phishing domain impersonating Netcoins, flagged by 19/95 security vendors.

## Summary
This domain, netcoinslogi-shop.webflow.io, is identified as an active phishing site designed to mimic the legitimate Netcoins cryptocurrency exchange platform. The threat type is credential theft, where unsuspecting users are tricked into entering their login details, which are then harvested by attackers. The phishing page leverages the Webflow.io hosting service to lend an air of legitimacy, exploiting the trusted brand recognition of Netcoins to deceive victims. No specific drainer kit (e.g., CryptoDrainer) is explicitly linked in open intelligence, but the campaign's infrastructure suggests automated credential harvesting.    Technical indicators confirm this domain's malicious nature. VirusTotal reports a detection rate of 19 out of 95 security vendors, with the domain resolving to IP address 172.64.151.8. The SSL certificate is issued by Google Trust Services, which may further convince users of its authenticity. While the exact registrar and creation date are not specified in available data, the domain's presence on multiple blocklists underscores its active abuse. The Google Safe Browsing (GSB) status is flagged, and the elevated risk level aligns with the high rate of vendor detections.    Current status remains active as of the latest analysis, with ongoing efforts to mitigate the threat. Users should block this domain at the network and DNS levels to prevent access. Organizations are advised to update firewall rules and SIEM signatures with the IP (172.64.151.8) and domain to enhance detection. Remaining risk is elevated due to the domain's legitimate appearance and partial SSL trust, necessitating heightened user awareness and proactive blocking mechanisms.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 19 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c0513d96-63a5-4f8e-8534-5c27695f783d
- PhishDestroy: https://phishdestroy.io/domain/netcoinslogi-shop.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/netcoinslogi-shop.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/netcoinslogi-shop.webflow.io/
Last updated: 2026-03-22