suspicious phishing

other

malicious

e-commerce

Japanese

Domain 'gulfmedicaltourism.com' uses the commercial generic top-level domain (.com) with no subdomain. The registrable portion 'gulfmedicaltourism' spans 18 characters split between 7 vowels and 11 consonants. Tokenizing the label suggests three words: gulf, medical, tourism. Median word length is 7 characters. No strong language cues emerged from the frequency lists.

html/79/91/799107ba-7106-4c3c-93e5-dd0dd1846a4a_fallback.html.gz

ぷらら Webメール

email

expiretype

AuthenticationForm

empty

8967836c8cbe4355f7d9513e5702eae061450dce54fce4645227f9638673e9f2

a5305ea918ce512a010a07d2e50bceb701a099235e28c62061177c008d8816ad

3cfceca8f68d71c5d2cca9bdbf342954d8980e09024c3e4f48b45a4df145c573

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

GoDaddy.com, LLC

GULFMEDICALTOURISM.COM

Abuse NIC

ThreatMetrix Network Operations

CD15126-MNT

ThreatMetrix, Inc.

ORG-NCC1-RIPE

TMETRIX


ImgLoad(
'sso/pf/images/login_on.gif'
);

-->   function wopen()

function formSubmit()
{
	var urlparam = "";
	if( document.AuthenticationForm.expiretype.checked ) {
		urlparam = "expiretype=on";
	} else {
		urlparam = "expiretype=off";
	}
	if( document.AuthenticationForm.HIDEURL.value.match( /\?/ ) ) {
		document.AuthenticationForm.HIDEURL.value=document.AuthenticationForm.HIDEURL.value + "&" + urlparam;
	} else {
		document.AuthenticationForm.HIDEURL.value=document.AuthenticationForm.HIDEURL.value + "?" + urlparam;
	}
	document.AuthenticationForm.submit();
}
-->


✅ Low Risk - https://gulfmedicaltourism.com/infoupgrade/Sites/index.html

Requests	IP Address	Location	AS Autonomous System
24	198.57.149.230	United States	AS46606UNIFIEDLAYER-AS-1
20	91.235.133.182	United States	AS30286THM
10	2a03:7b40:0:1:3bdb:416:ddc6:2cef	United States	AS30286THM
4	91.235.132.130	United States	AS30286THM
1	91.235.134.131	United States	AS30286THM
51	5	-	-

Security Scan Report: gulfmedicaltourism.com

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History