ScanMalware.com

Security Scan Report: rotter.net

Site favicon
Submitted: Jun 21, 2026, 6:36:48 AMCompleted: Jun 21, 2026, 6:38:32 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 2 HTTP transactions. The main domain is rotter.net and was registered NaN years ago.

Submitted URL: https://rotter.net

The Cisco Umbrella rank of the primary domain is #664,557 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 78%

3
Risk Score

The site appears to be a legitimate news portal, but heavy script obfuscation and many redirects raise a moderate risk level.

Risk Factors
High JavaScript obfuscation (eval, Function, base64 encoding)
Multiple redirects (8)
Numerous third‑party ad and analytics domains
Safety Factors
Long‑standing domain registration
Absence of credential or payment collection forms
No Indicators of Compromise matches
No IDS/Suricata alerts
Self‑branding news site with consistent meta description
Verdict cited a credential/login form, but DOM analysis found no password field (real or disguised) or payment field, and no other hard signal — credential-phishing framing unsupported; risk adjusted from 5 to 3
Domain age information unavailable

Details

Page Title

חדשות | חדשות רוטר.נט

Scan Type

public

Language

🇮🇱

HE

(79% confidence)

Category

entertainment media

(93%)

Domain Information

Within the network infrastructure generic top-level domain (.net), 'rotter.net' is registered with no subdomain. The registrable portion 'rotter' spans 6 characters split between two vowels and 4 consonants. Splitting it apart reveals two words: r, otter. Average segment length settles at 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://rotter.net

Page Load Overview

10.42s
Total Load Time
478
HTTP Requests
62
Domains
5.0 MB
Total Size

Language Analysis

Primary Language

🇮🇱Hebrew
Code: he
Confidence:79%
Script:Hebrew
Direction:rtl

Detection Details

Language Code:he
Detection Confidence:79%
Script Type:Hebrew
Text Length:18,881 chars
Detector Agreement:100%

Website Classification

Primary Category

entertainment media93% confidence
Type: static
Method: ml+structural

All Detected Categories

entertainment media
93%
forum community discussion
91%
download file sharing
87%
news media journalism
82%
cryptocurrency blockchain
79%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
65104.21.9.156United States
AS13335Cloudflare, Inc.
59104.26.8.27United States
AS13335Cloudflare, Inc.
59104.26.3.209United States
AS13335Cloudflare, Inc.
59104.21.27.152United States
AS13335Cloudflare, Inc.
59146.75.121.44Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
59185.15.59.240United States
AS14907Wikimedia Foundation Inc.
5918.245.86.76United States
AS16509Amazon.com, Inc.
59142.250.154.156United States
AS15169Google LLC
4788--

Detected Technologies4

Cloudflare Bot Management
55%
HTTP/3
40%
HSTS
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B88409B2E1C101374113D2C9EEA4FB6D9292522DDB43096CF79E43685ACEDE274633AD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:SKWEBtI+r8tu+Xvmwt+arGFfWKHLUVDaNmaQLtFedGO2R+I6gfhPmYM4EuhyVdAA:SKWEBtIqOREuhwCVzxtChrL

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:391489:IsGsiUCwQwAsVADvIqsREA+TVDxCYQGrMnI6QSKULAGTQAyAEhQQIAIToouLiG4QSgAMVJLkHkSBWBOYYIcACLgAb0xWAyCv

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data