# ganiimlogin.webflow.io — MALICIOUS

> ganiimlogin.webflow.io is linked to credential phishing. Avoid entering sensitive info and report suspicious activity to stay safe.

## Summary
PhishDestroy identifies ganiimlogin.webflow.io as an active credential phishing domain posing a high risk to users. This domain is designed to harvest login credentials by mimicking legitimate login portals.

The domain resolves to IP address 104.18.36.248 and is hosted on the Webflow platform. VirusTotal flags 16 out of 95 security vendors for this domain, confirming its malicious nature. The domain's infrastructure leverages common hosting services to evade detection.

This phishing campaign remains active under unique seed 1def64. Users are strongly advised to avoid interaction with this domain, refrain from submitting any personal information, and report any suspicious emails or messages referencing it.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: signing In - Gemini

## Domain Intelligence
- Registered: 2026-03-05 13:07:01
- Registrar: MarkMonitor, Inc.
- Country: US
- IP: 104.18.36.248
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content
- Meta description: Gemini is also a licensed and regulated cryptocurrency exchange, fostering trust and confidence among its users. ‍Gemini login provides a reliable and feature-rich trading Gemini is also a licensed and regulated cryptocurrency exchange, fostering trust and confidence among its users. ‍Gemini login provides a reliable and feature-rich trading  emini Login is a process that allows users to securely log into their Gemini accounts and access their funds. It involves setting up two-factor authentication and entering a secure
- Meta title: signing In - Gemini

### Page Text
signing In - Gemini signing In - Gemini Gemini Login is a cryptocurrency exchange platform founded in 2014. It allows users to buy, sell, and store various cryptocurrencies in a secure and regulated environment. Gemini plays a crucial role in the crypto industry by providing a trusted platform for individuals and institutions to engage in cryptocurrency trading and investment. ‍ 2. T o log into your Gemini account, follow these steps: - Visit the Gemini website at https://www.gemini.com/.   - Click on the "Login" button located in the top right corner of the homepage.   - Enter your registered email address and password.   - Complete any additional security steps, such as two-factor authentication if enabled.   - Click on the "Login" button to access your account. ‍ 3. Protecting your Gemini account is essential to ensure the safety of your funds and personal information. Here are some best practices for keeping your account secure: - Use a strong and unique password, avoiding common words or patterns. - Enable two-factor authentication (2FA) with an authenticator app for an additional layer of security. - Regularly update your password and avoid reusing it for other accounts. - Be cautious of phishing attempts and never share your login credentials with anyone. - Keep your computer and devices secure with up-to-date antivirus software and operating system patches. - Monitor your account activity regula

### External Scripts
- https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64b67648c66e41b4809c442f
- https://cdn.prod.website-files.com/64b67648c66e41b4809c442f/js/webflow.24a563ff7.js

### External Links
- https://ganiimlogin.webflow.io/

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbdf5-c741-772e-ae8c-a0e9dd0e5ae7.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/ganiimlogin.webflow.io
- Wayback Machine: https://web.archive.org/web/https://ganiimlogin.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/ganiimlogin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/ganiimlogin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ganiimlogin.webflow.io/
Last updated: 2026-03-16