Security Scan Report: ronetra.vip

Redirected to:
https://ronetra.vip/main.php?region=europe
Submitted: Apr 4, 2026, 2:11:44 PMCompleted: Apr 4, 2026, 2:12:52 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 2 domains to perform 14 HTTP transactions. The main domain is ronetra.vip and was registered NaN years ago.

Submitted URL: http://ronetra.vip/main.php?region=europe

Effective URL: https://ronetra.vip/main.php?region=europeRedirected

AI Security Verdict

Low Risk

Confidence: 92%

3
Risk Score

The site is flagged by Cloudflare as a phishing page, is brand‑new and unranked, and ML analysis strongly indicates phishing – treat as high‑risk and report.

Risk Factors
Very new domain (<90 days)
Unranked / low reputation
Cloudflare flagged the domain as phishing
Phishing‑related wording in page title and body
Safety Factors
No concrete malicious signal (no IoC / YARA / Safe-Browsing / IDS / credential form / brand impersonation) — elevated risk rested on domain age or reputation alone; clamped from 8 to 3
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by Cloudflare bot protection. Our scanner was challenged or blocked during access.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(86%)

Domain Information

The domain 'ronetra.vip' uses the .vip top-level domain and has no subdomain. Its registrable label 'ronetra' stretches across 7 characters holding 3 vowels versus four consonants. Segmentation suggests 3 words: r, one, tra. Median word length comes out to three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://ronetra.vip/main.php?region=europe

Page Load Overview

0.49s
Total Load Time
14
HTTP Requests
2
Domains
3 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:395 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam86% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
86%
technology software
28%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5104.18.94.41United States
AS13335Cloudflare, Inc.
3104.18.95.41United States
AS13335Cloudflare, Inc.
3188.114.97.3United States
AS13335Cloudflare, Inc.
3188.114.96.3United States
AS13335Cloudflare, Inc.
144--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T199A17472FABD143F2193817266BDBB0A3965C047CBA609903ABCC2755F4BF51AD132C5

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:liADa/D+DMFBzLeiO/tjAyovc4LZieeTuanRC3vaQxvb0:liEa/SoFnOVm7LZYuanM3Cej0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4908:ACkAVAiQABAJgIUASACwgCMCQAhAQAEIAADhAkArYBiCHBgABgQYUSDIEBUEIBAQAEiwIggCDABSAKgQIQEgEACKABQAQAFE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:df8787ffe7e7ffff
Perceptual Hash:b8389cc7c7c7243c
Difference Hash:203c3c1004040000
Wavelet Hash:9c840000c3c3ffff
Color Hash:#1f8893

Other Hashes

Crop Resistant:203c3c1004040000

Scan History

Scan history not available

Unable to load historical scan data