Security Scan Report: gorimas-secured-document-portal.andesgtt.com

Redirected to:
https://gorimas-secured-document-portal.andesgtt.com/webinars
Submitted: Apr 28, 2026, 2:16:46 AM
Completed: Apr 28, 2026, 2:17:56 AM
public, completed

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 7 HTTP transactions. The main domain is gorimas-secured-document-portal.andesgtt.com and was registered NaN years ago.

Submitted URL: http://gorimas-secured-document-portal.andesgtt.com/webinars

Effective URL: https://gorimas-secured-document-portal.andesgtt.com/webinars (Redirected)

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 9

The site is confirmed phishing; Cloudflare, ML analysis, and OCR all indicate credential theft – avoid and report.

Risk Factors
Unranked domain reputation
Recent domain age (174 days)
Form present on a phishing‑flagged page
Eval() calls (22) indicating dynamic code execution
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(86%)

Domain Information

The domain 'gorimas-secured-document-portal.andesgtt.com' uses the commercial generic top-level domain (.com) and includes subdomain 'gorimas-secured-document-portal'. The registrable portion 'andesgtt' spans 8 characters with two vowels and six consonants. Segmentation suggests three words: andes, gt, t. Expect 2 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://gorimas-secured-document-portal.andesgtt.com/webinars

Page Load Overview

Total Load Time: 0.39s
HTTP Requests: 14
Domains: 2
Total Size: 2 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en-US
Text Length: 395 chars
Detector Agreement: 100%

Website Classification

Primary Category

phishing scam (86% confidence)
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam: 86%
technology software: 26%

Detected Features

No structural features detected

Domain & IP Information

Requests | IP Address | Location | AS Autonomous System
7 | 104.18.94.41 | United States | AS13335 Cloudflare, Inc.
7 | 188.114.96.3 | United States | AS13335 Cloudflare, Inc.
14 | 2 | - | -

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T183B18573FABD147F109391B266B9B70939A5C047CB9A09903ABCC2751F8BF55AD132C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:PjnjtjuiADa/D+DMFBzLeiO/tjA4SIQGf4xLZieZujnRm3vaQxvb0:PjnjtjuiEa/SoFnOVfeA4xLZhujnI3C5

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:5132:gC1AENgEAAUJgJQggACQhCAUQEQjQAAAABjwBkCHFMACASmAgIAIAZAElEMMgDAAQIECQDBUmwBbgCiQSQAKBEEIUAABAAFi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: df8787ffe7e7ffff
Perceptual Hash: b8389cc7c7c7243c
Difference Hash: 203c3c1004140000
Wavelet Hash: 9f878f8f03030f0f
Color Hash: #867d2d

Other Hashes

Crop Resistant: 203c3c1004140000

Scan History

Scan history not available
