# gemninlogine.webflow.io — MALICIOUS

> PhishDestroy identifies gemninlogine.webflow.io as an active credential phishing domain with 21 out of 95 security vendors flagging it.

## Summary
PhishDestroy identifies gemninlogine.webflow.io as an active credential phishing domain posing as a legitimate service to steal login credentials. This malicious site uses a deceptive Webflow.io subdomain to appear trustworthy while harvesting user data. Attackers often embed fake login forms on such platforms to trick victims into submitting sensitive information, which is then exfiltrated to remote servers.  This domain is flagged by 21 out of 95 security vendors on VirusTotal, indicating a high detection rate among cybersecurity tools. It resolves to IP 172.64.151.8 and operates under Google Trust Services' SSL certificate, which adds a false sense of legitimacy. While the certificate itself is valid, the site's malicious purpose undermines its authenticity. The domain’s structure mimics official services, making it harder for users to detect the deception.  If you visited gemninlogine.webflow.io, immediately avoid entering any credentials or personal information. Change passwords for accounts associated with this domain if you accidentally submitted them. Use a reputable security tool to scan your device for malware and monitor accounts for suspicious activity. Avoid interacting with this domain further and report it to your cybersecurity team or relevant authorities.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 172.64.151.8

## Detection Status
- VirusTotal: 21 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ce6cf883-e2e4-4026-a359-96df3f368588
- PhishDestroy: https://phishdestroy.io/domain/gemninlogine.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/gemninlogine.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gemninlogine.webflow.io/
Last updated: 2026-03-22