Security Scan Report: serenitytea.in

Site favicon
Submitted: Oct 13, 2025, 7:55:31 AMCompleted: Oct 13, 2025, 7:56:27 AMpubliccompleted
Loading additional data...

Summary

This website contacted 25 IPs in 2 countries across 8 domains to perform 12 HTTP transactions. The main domain is serenitytea.in and was registered NaN years ago.

Submitted URL: https://serenitytea.in/ons/ontwerp/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing site impersonating Dropbox/Chase; high risk to credentials.

Risk Factors
Credential harvesting form on an unranked domain
Brand impersonation of well‑known services (Dropbox, Chase)
Social engineering threats detected by Google Safe Browsing
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

serenitytea.in

Scan Type

public

Language

🇺🇸

English

(64% confidence)

Category

download file sharing

(49%)

Domain Information

The domain 'serenitytea.in' uses the Indian country-code top-level domain (.in) while skipping any subdomain. Its registrable label 'serenitytea' stretches across 11 characters split between 5 vowels and 6 consonants. Segmentation suggests two words: serenity, tea. Average segment length settles at 5.5 characters. Most frequently, 'serenity' shows up in English. Usage also turns up in Chinese (Pinyin) and Danish contexts. Taken together, it feels English.

Screenshot

Security scan screenshot of https://serenitytea.in/ons/ontwerp/

Page Load Overview

33.73s
Total Load Time
12
HTTP Requests
8
Domains
123 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:64%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:64%
Script Type:Latin
HTML Lang Attribute:en
Text Length:108 chars
Detector Agreement:100%

Website Classification

Primary Category

download file sharing49% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

download file sharing
49%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
12104.18.11.207United States
AS13335CLOUDFLARENET
0142.250.74.202United States
AS15169GOOGLE
0192.185.146.140United States
AS19871NETWORK-SOLUTIONS-HOSTING
0151.101.2.137San Francisco, California, United States
AS54113FASTLY
0142.250.186.42United States
AS15169GOOGLE
0104.17.24.14United States
AS13335CLOUDFLARENET
0104.18.10.207United States
AS13335CLOUDFLARENET
0104.18.40.68United States
AS13335CLOUDFLARENET
0172.64.147.188United States
AS13335CLOUDFLARENET
02a04:4e42:600::649United States
AS54113FASTLY
1225--

Detected Technologies8

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15C126D1278F808290003989D79FEA91E6D9BEB075609DC04395DFFA00FD1A0BDD23BA9

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:R2Lrxhj4nc+OxqH0rTqrVMl6+7p/wS6DDJmzD2vdoEh27chj:UZB4nhN0nqA6AdwOzqvdH

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:9886:WCAkuyrEGOVICAVzwEAEQFHgQgFAEkxClMJUhYiBIBYAgAGCgKBQgkcqjGWYGASAElRCJFSIiLNBSHfRDBnLkRgLZwBxCAIC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:797110777f797110
Perceptual Hash:c8c949c9b6769b19
Difference Hash:c3d774c5c3c3d7d4
Wavelet Hash:797110777f793110
Color Hash:#cdd22d

Other Hashes

Crop Resistant:c3d774c5c3c3d7d4

Scan History

Scan history not available

Unable to load historical scan data