ScanMalware.com

Security Scan Report: gemunilagina.webflow.io

Submitted: Dec 13, 2025, 10:33:06 PMCompleted: Dec 13, 2025, 10:33:36 PMpubliccompleted
Loading additional data...

Summary

This website contacted 18 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main domain is gemunilagina.webflow.io and was registered NaN years ago.

Submitted URL: https://gemunilagina.webflow.io/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Page impersonates Gemini on an unranked domain and is flagged for social engineering; treat as high‑risk phishing.

Risk Factors
Brand impersonation / typosquatting of Gemini
Social engineering threat detected by Google Safe Browsing
Login‑style page title on a non‑official domain
Unranked domain presenting a major brand
Domain age information unavailable

Details

Page Title

Login* - Ɠemini | Exchange Digital Asset - Buy, Sell & Trade

Scan Type

public

Language

🇺🇸

English

(45% confidence)

Category

cryptocurrency blockchain

(68%)

Domain Information

The domain name 'gemunilagina.webflow.io' uses the British Indian Ocean Territory country-code top-level domain (.io) and includes subdomain 'gemunilagina'. Its registrable label 'webflow' stretches across 7 characters holding 2 vowels versus 5 consonants. Breaking it apart gives two words: web, flow. Median word length comes out to 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://gemunilagina.webflow.io/

Page Load Overview

6.32s
Total Load Time
12
HTTP Requests
6
Domains
328 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:45%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:45%
Script Type:Latin
Text Length:4,502 chars
Detector Agreement:75%

Website Classification

Primary Category

cryptocurrency blockchain68% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

cryptocurrency blockchain
68%
finance banking
54%
technology software
53%
documentation technical
35%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1213.226.247.220United States
AS16509AMAZON-02
0142.250.184.202United States
AS15169GOOGLE
0142.251.141.99United States
AS15169GOOGLE
0104.18.160.117United States
AS13335CLOUDFLARENET
0142.250.186.138United States
AS15169GOOGLE
0172.64.151.8United States
AS13335CLOUDFLARENET
0104.18.161.117United States
AS13335CLOUDFLARENET
013.226.247.129United States
AS16509AMAZON-02
013.226.247.18United States
AS16509AMAZON-02
02606:4700::6812:a075United States
AS13335CLOUDFLARENET
1218--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C502B41BE948B3220A4341E5BDB660CF9F6254F82351CF44E9F5D26C97D19AC4A337CA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:zKdcTPB13yMQAt4warPRkQ/2vh+TxWKck5eZnXZ5ZEZUyZdZDC/z4:zKIryMQAt4wOPytvIl/5q34

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:8572:gbYYAYgASBMBYQSTo4RjgChUQSNa5EAXEENQYgWgQAwAAAoEKMAIEXNZBZDIJIDQLGWRlRjASAYssAYKCdCgAMIJJtcJxwVT

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:03cfd7a3e7ffffff
Perceptual Hash:b635991927261d1f
Difference Hash:9e10264e0d92edfc
Wavelet Hash:030f8783070f1f7f
Color Hash:#d279a1

Other Hashes

Crop Resistant:9e10264e0d92edfc,01668696b6865601,468f1b255b370e9d

Scan History

Scan history not available

Unable to load historical scan data