Security Scan Report: gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.dev

Redirected to:
https://gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.de...
Site favicon
Submitted: Jun 13, 2026, 11:31:18 AMCompleted: Jun 13, 2026, 11:47:18 AMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 4 HTTP transactions. The main domain is gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.dev and was registered NaN years ago.

Submitted URL: http://gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.dev/

Effective URL: https://gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.dev/Redirected

AI Security Verdict

High Risk

Confidence: 82%

8
Risk Score

Phishing page impersonating GMX to harvest user credentials via a cross‑origin login form.

Risk Factors
Brand impersonation
Cross‑origin credential form submission
Unknown subdomain age on hosting platform
Unranked / low‑reputation domain
Hosted on workers.dev (generic hosting service)
Domain age information unavailable

Details

Page Title

Willkommen

Scan Type

public

Language

🇩🇪

German

(52% confidence)

Category

government public service

(46%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.dev' is registered and includes subdomain 'gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1'. The second-level label 'workers' is 7 characters long split between two vowels and five consonants. It segments into one word: workers. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://gm1khgie873899oksdfkjywhtiu889234poi24.junebgemini1.workers.dev/

Page Load Overview

0.28s
Total Load Time
3
HTTP Requests
1
Domains
N/A
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:52%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:52%
Script Type:Latin
Text Length:184 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service46% confidence
Type: static
Method: ml+structural

All Detected Categories

government public service
46%
news media journalism
37%
technology software
31%
healthcare medical
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3188.114.96.3United States
AS13335Cloudflare, Inc.
31--

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B8D37879B501DD4E7D3398FFFCA82FD15414EE9BDDCCABC14049982A6AE00AA35181DB

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:Q3VvkqhCYIXn/rjwmQ/ENPqPV063b/+fnC+Ik+1+zEP:49h3b/+fC+Ik+1+oP

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:140839:NHMg4cgUKoBAIokpKdUUAUBRAtAxEggVA8hh4lWFYIeEkgrjIAhehNREERwVkEkBJyIgTgUGyGjmQEIJKdQAgUSSUxCAKQCG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffffffe7ffffff
Perceptual Hash:f77359664c4c4c4c
Difference Hash:090804080c0c0000
Wavelet Hash:00a30327e700fcfc
Color Hash:#40b7bf

Other Hashes

Scan History

Scan history not available

Unable to load historical scan data