ScanMalware.com

Security Scan Report: gemini-lxiogin.gitbook.io

Site favicon
Submitted: Nov 24, 2025, 2:21:27 PMCompleted: Nov 24, 2025, 2:22:44 PMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 1 country across 4 domains to perform 42 HTTP transactions. The main domain is gemini-lxiogin.gitbook.io.

Submitted URL: https://gemini-lxiogin.gitbook.io/sign-in/

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

High‑risk phishing page impersonating Gemini; do not enter credentials.

Risk Factors
Brand impersonation on a non‑official domain
Unranked and likely newly registered domain
Absence of a real authentication form while presenting a login façade
Use of crypto‑related promotional text to lure users
Subdomain of a third‑party hosting service (gitbook.io) used for phishing
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by Cloudflare bot protection. Our scanner was challenged or blocked during access.

Page Title

G𝓮miñi : Login | Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(87%)

Domain Information

The domain 'gemini-lxiogin.gitbook.io' uses the British Indian Ocean Territory country-code top-level domain (.io) with subdomain 'gemini-lxiogin'. The second-level label 'gitbook' is 7 characters long containing three vowels alongside 4 consonants. Segmentation suggests three words: g, it, book. Median word length comes out to two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://gemini-lxiogin.gitbook.io/sign-in/

Page Load Overview

1.54s
Total Load Time
42
HTTP Requests
4
Domains
1012 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:256 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software87% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
87%
documentation technical
75%
cryptocurrency blockchain
68%
finance banking
59%
government public service
34%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
34172.64.146.167United States
AS13335CLOUDFLARENET
9172.64.147.209United States
AS13335CLOUDFLARENET
7104.18.40.47United States
AS13335CLOUDFLARENET
3104.18.41.89United States
AS13335CLOUDFLARENET
32606:4700:4402::ac40:93d1United States
AS13335CLOUDFLARENET
32606:4700:4407::6812:282fUnited States
AS13335CLOUDFLARENET
32a06:98c1:3101::ac40:93bcUnited States
AS13335CLOUDFLARENET
32606:4700:4404::6812:2959United States
AS13335CLOUDFLARENET
32a06:98c1:310d::ac40:92a7United States
AS13335CLOUDFLARENET
32606:4700:4408::6812:2844United States
AS13335CLOUDFLARENET
4212--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T178B3F90A6105F7065DB6DE11223EBD3A80DED32797A4D0BDF24ED5A65B8803F0BE3964

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:GfLxLAyWvvt/dVP+O1XBh+q3nRvIOuP1lJcEC2UFOEwBGVPCcAjjRTqdfFwdEIhL:L3grCi3x4/Er

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:117125:gpAALakIocghPUCNXIgwCYgiBEpIBkEjgiaQWTIApBgFUcVAMQwB0MCqXKISQUE5SqHFMZAGC0EgAxpSEUIIE3rQGrgIaRoQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:efc3c3cbc3f3ffff
Perceptual Hash:b131879e9b836c6c
Difference Hash:599e969696160c40
Wavelet Hash:04c3c3c3c3c3e33f
Color Hash:#2da6d2

Other Hashes

Crop Resistant:599e969696160c40,00084c7262680408

Scan History

Scan history not available

Unable to load historical scan data