ScanMalware.com

Security Scan Report: mines-online.de

Submitted: May 26, 2026, 2:31:55 PMCompleted: May 27, 2026, 10:05:47 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 17 HTTP transactions. The main domain is mines-online.de.

Submitted URL: https://mines-online.de/doc/Agreement-settement/index.html#[email protected]

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

The site pretends to be DocuSign, harvests passwords via a form without a username field, and includes a deceptive email in the URL; classified as a confirmed scam.

Risk Factors
Brand impersonation
Credential harvesting form lacking username
Misleading email in URL fragment
Unranked domain
Password-only field pattern
Domain age information unavailable

Details

Page Title

DocuSign · Intelligent Agreement Management

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(52%)

Domain Information

Domain 'mines-online.de' uses the German country-code top-level domain (.de) and has no subdomain. The core label 'mines-online' covers 12 characters containing five vowels alongside 6 consonants; it also includes 1 hyphen. Splitting it apart reveals two words: mines, online. Average segment length settles at 5.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mines-online.de/doc/Agreement-settement/index.html#acelaya@infomanagerinc.com

Page Load Overview

90.16s
Total Load Time
15
HTTP Requests
9
Domains
491 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:493 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software52% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
52%
documentation technical
37%
government public service
30%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8142.251.110.94United States
AS15169Google LLC
1172.67.69.232United States
AS13335Cloudflare, Inc.
1142.251.156.119United States
AS15169Google LLC
1192.0.78.24San Francisco, California, United States
AS2635Automattic, Inc
1213.136.93.166Lauterbourg, Grand Est, France
AS51167Contabo GmbH
1104.17.24.14United States
AS13335Cloudflare, Inc.
1172.217.208.95United States
AS15169Google LLC
1192.178.183.147United States
AS15169Google LLC
158--

Detected Technologies2

PasswordField
100%
WordPress
75%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1891371067DE13C02664775FB3A5251D6E1A23A1F6402849AF10CFA96AFD2317EDF2E34

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:NwVjwNnyeF8FtUB9XuhN79uCMHybLvYklQEY+9H89OCJ416o3UDk3QieqwV+APSS:NiwNPiQ3XuhNUC1fCL0M3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:43683:uRAsAAwIqcYogBgAEhABLAsQAK0kjLNHsMStK4TjSTEAAZAgCYRkJdABS8BKFIHgwpHkCit1gTMxWBAYFHKMEQAAACQACkgG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cbdfc7c3e7e7e3e7
Perceptual Hash:b1389c9c3939337c
Difference Hash:92120e1e0e0e060e
Wavelet Hash:c3c3c3c3c3c3c3c3
Color Hash:#4e2dd2

Other Hashes

Crop Resistant:92120e1e0e0e060e

Scan History

Scan history not available

Unable to load historical scan data