# gmn.952155.xyz — MALICIOUS

> gmn.952155.xyz is linked to high-risk phishing activity. Stay protected and avoid this domain. Learn more about its threat profile now.

## Summary
PhishDestroy identifies gmn.952155.xyz as a high-risk generic phishing domain. It was registered on February 21, 2026, and classified as a malicious site aimed at credential theft.

The domain was registered through a dead domain registrar and appeared on one security blocklist. VirusTotal flagged it by 14 out of 95 security vendors, indicating significant suspicion. Technical indicators suggest phishing infrastructure designed to deceive users.

Currently, gmn.952155.xyz is offline and no longer accessible. PhishDestroy recommends continued monitoring and blocking to prevent potential phishing attacks from similar domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Gemini
- Page title: 验证页面 - Gemini Balance

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 43.174.247.29
- SSL Issuer: R13

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "SOCRadar", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b79a8-f369-7422-a9af-1a7ae915ae2f.png
- PhishDestroy: https://phishdestroy.io/domain/gmn.952155.xyz/
- LLM endpoint: https://phishdestroy.io/domain/gmn.952155.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gmn.952155.xyz/
Last updated: 2026-03-19