MalwareTips
DANGEROUS

Fake shop — do not order

Domain was registered only 13 days ago — brand-new sites are higher-risk by default. The site shows patterns common to non-delivery scam shops. Don't submit payment details, and if you already paid by card or PayPal, start a chargeback today.

Security Review

Is gmxmall.com legit or a scam?

Our verdict:Dangerous· 8/100

Phishing login page for fake GMXMALL shop using Telegram/WhatsApp credential theft tactics, flagged by Gridinsoft and rated 0-17/100 trust by review sites.

Top reasons
Gridinsoft flags the page as phishing.Visuals show Telegram/WhatsApp login options, common for credential theft.Domain only 13 days old with no traffic indexing.
gmxmall.comScanned 39d ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 0·MT 12
Category tags
phishing#Phishing#Fake Shop100% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/91
Engines flagged this URL
Domain Age
13 days old
Registered Apr 14, 2026
MT Intelligence
Dangerous
Critical likelihood · 100% confidence

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspection
0%
Confidence
The site shows a polished login page branded GMXMALL with shopping icons, Telegram login tab, WhatsApp bubble, and phone/email forms—classic phishing for stealing credentials. Gridinsoft in our antivirus network flags it as phishing, our strongest signal. Supporting this, the domain is only 13 days old with no contact details, valid SSL but hidden WHOIS owner, and three scam reports calling it a financial scam. No positive reviews or business registration raise our confidence to full malicious verdict.
Full dossier
Analysis complete

Page Content

Empty title and meta description with no body text, but visuals reveal a suspicious login form mimicking an e-commerce site called GMXMALL.

  • Telegram login tab, WhatsApp icon, and phone/email options urge credential submission.
  • No trust badges, contact info, emails, phones, or addresses found.

Infrastructure

Hosted on Cloudflare IP with clean reputation and valid Let's Encrypt SSL expiring in 76 days.

  • No redirects, homoglyphs, or external high-risk loads beyond Telegram and ad scripts.
  • Our sandbox and browser blocklists show clean.

Domain History

Registered just 13 days ago via Name SRS AB, privacy not protected, Netherlands registrant.

No prior history or traffic indexing, typical for quick scam setups.

Web Reputation

Three scam reports found, no positive reviews or complaints.

  • Gridinsoft labels it a financial scam for fake investments; others give 0-17/100 trust scores.
  • No business registration or user mentions on review sites.
Risk Factors
7
  • Gridinsoft flags the page as phishing.
  • Visuals show Telegram/WhatsApp login options, common for credential theft.
  • Domain only 13 days old with no traffic indexing.
  • No contact email, phone, or address anywhere.
  • Three scam reports label it a financial scam with 0-17/100 trust scores.
  • Hidden WHOIS owner and no business registration.
  • High visual risk score of 90/100 for fake e-commerce login patterns.
Positive Signals
4
  • Browser blocklist feeds show clean.
  • Hosting IP has zero abuse reports.
  • Valid SSL certificate from Let's Encrypt.
  • Our sandbox gave it a clean score of 0.
AI Recommendation
Do not log in or share credentials—close the page immediately. Run a full antivirus scan on your device and report the URL to your browser's browser blocklist feeds tools.
Next-gen fraud intelligence
Evidence-backedCross-checked

Website Preview

Screenshot of gmxmall.com
LIVE RENDER
gmxmall.com
1Visual risk score 90/100

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

90
/ 100
Critical visual risk

Visual red flags detected in the screenshot

Polished but highly suspicious login page for fake 'GMXMALL' site using Telegram/WhatsApp for phishing credentials. Exhibits multiple scam login patterns without legitimate branding.

Visual risk90/100

What our vision model saw

5 signals

Login page branded 'GMXMALL' with shopping bag icon and network graphics mimicking e-commerce sites

'Telegram Login' tab and WhatsApp icon (green WhatsApp bubble), common phishing elements for credential theft

'Phone Login' option alongside email/password form, urging multiple credential submission methods

Bottom-right avatar image with 'GMX' badge, resembling fake support or endorsement widget

No visible trust badges, security seals, or legitimate brand indicators

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for gmxmall.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
13 days
Registered Apr 2026
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
3 scam reports
Key findings
6 headline facts from open-web research
  • Domain registered on 2026-04-14, approximately 14 days old.
  • Gridinsoft classifies as financial scam with 1/100 trust score due to young domain and lack of user reviews.
  • Scam Detector gives 17.2/100 trust score, detects high-risk phishing and spam activity.
  • Scamadviser assigns 0/100 trust score, notes hidden owner identity.
  • No user reviews, complaints, or mentions on Reddit.
  • WHOIS: Registrar SRS AB, name servers Cloudflare, registrant country Netherlands.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • Gridinsoftopen

    "Gmxmall.com falls under financial scam activity. Domains in this group are commonly used for fake investment dashboards, advance-fee requests, and fraudulent credit offers."

  • Scam Detectoropen

    "gmxmall.com is a suspicious website, given all the risk factors and data numbers analyzed in this in-depth review."

  • Scamadviseropen

    "In summary, the trust score of gmxmall.com is extremely low. This is a strong indicator that the website may be a scam."

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Our research uncovered three scam reports on gmxmall.com. Gridinsoft classifies it as a financial scam used for fake investments and advance-fee fraud. Independent review sites give it 0-17/100 trust scores, citing the 14-day-old domain, hidden ownership, high phishing risk, and zero user reviews. No positive feedback, complaints, or business registration found.

Antivirus Engines

Detection matrix · live
1 engine flagged this URL

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

1Malicious0Suspicious59Harmless91Engines
0
of 91
Gridinsoft
Malicious· phishing

1 antivirus engine flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render
Page rendered in a safe sandbox
Requests made1
Unique IPs0
Countries4
Detected brandsNone

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Domain History
Age13 days old
RegistrarName SRS AB
RegisteredApr 14, 2026
ExpiresApr 14, 2027
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · E8
ExpiresJul 13, 2026 (76d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS

Server Reputation

Hosting
CountryUnknown
NetworkCLOUDFLARENET - Cloudflare, Inc., US
IP address188.114.96.3
Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

0 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Fake Shop
Fake Shop
Moderate likelihood
0/100
  • AI analyst tagged this as a fake shop.
  • No phone number or postal address anywhere on the page.
  • Multiple contact / trust-signal red flags on the page.
  • Domain is 13 days old — very young for a shop.
Phishing
Low-level signals
0/100
  • AI analyst tagged this as phishing.

Fake shop — do not order

Signals common to non-delivery scam shops were detected on this site.

  • Do not interact with gmxmall.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you already paid by card or PayPal — start a chargeback

    Contact your bank or card issuer and dispute the charge as "goods not received" or "merchant fraud." PayPal users can open a case in the Resolution Centre. Act within 120 days for card chargebacks in most jurisdictions.

  • Save every piece of evidence

    Screenshots of the checkout, order confirmation emails, any chat transcripts, and the product listing page. Chargeback and fraud reports go faster when you have receipts.

  • Report the shop

    Report to the FTC (reportfraud.ftc.gov), Action Fraud UK, or your local consumer-protection body. Post the URL on the MalwareTips scam forum so other buyers can find it.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

telegram.orgstatic.ads-twitter.comstatic.cloudflareinsights.com

Safety FAQ

Common questions about this site, answered from the scan data on this page. These are auto-generated — not hand-written — so they always match the underlying report.

  • Our automated security review flags gmxmall.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Final Verdict

0
Trust / 100
Final Verdict·gmxmall.com
DANGEROUS

This is a fake GMXMALL e-commerce login page designed to steal credentials via Telegram, WhatsApp, and email options. Our antivirus network flags it as phishing, backed by multiple scam reports and its 13-day-old domain. Avoid it completely and do not enter any personal information.

Do not log in or share credentials—close the page immediately. Run a full antivirus scan on your device and report the URL to your browser's browser blocklist feeds tools.

AV engines
91
MT passes
2
Net signals
1
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust1
loureiru.lol
30m ago
Read the review
Dangeroustrust14
cinewhale.cc
49m ago
Read the review
Dangeroustrust39
kabjember.com
1h ago
Read the review
Dangeroustrust41
by42.arswdppo.top
2h ago
Read the review
Dangeroustrust21
astral-games.xyz
2h ago
Read the review
Dangeroustrust25
oneshippros.com
2h ago
Read the review
Dangeroustrust34
movies4u.as
2h ago
Read the review
Dangeroustrust40
cineby.gd
3h ago
Read the review
Dangeroustrust14
lipopeakdrops.com
3h ago
Read the review
Dangeroustrust15
yooutube.com
7h ago
Read the review
Dangeroustrust1
youareanidiot.com
7h ago
Read the review
Dangeroustrust12
flixhd.cc
7h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
Scanned by
JackStaff
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.