# gemmineligin.webflow.io — MALICIOUS

> Discover why gemmineligin.webflow.io is flagged as a high-risk phishing domain. Learn how to protect yourself from scams linked to this site.

## Summary
PhishDestroy identifies gemmineligin.webflow.io as an active high-risk generic phishing domain. This classification highlights the potential for malicious actors to impersonate legitimate entities and trick users into divulging sensitive information such as login credentials or financial data. Such threats pose significant risks to personal security and data privacy.

The domain resolves to the IP address 104.18.36.248 and is hosted using the Webflow.io platform. VirusTotal analysis shows that 17 out of 95 security vendors have flagged this domain, indicating a strong consensus on its malicious intent. The use of a popular hosting service can sometimes help attackers mask their operations, making vigilance essential.

Users are advised to avoid interacting with gemmineligin.webflow.io and refrain from clicking on any links or submitting personal information through this site. It is recommended to verify URLs carefully and use trusted security tools to detect phishing attempts. Reporting suspicious domains to security platforms can help protect the wider community from similar threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Gemini® Login: Empowering Digital Investors with Trusted

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248
- Nameservers: NS_NOT_FOUND

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "LevelBlue", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d00dc-a60b-7678-9900-35a470bd8270.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4a60ce5f-9541-4b3c-8098-7c2dbe14dfed
- PhishDestroy: https://phishdestroy.io/domain/gemmineligin.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/gemmineligin.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gemmineligin.webflow.io/
Last updated: 2026-03-19