ScanMalware.com

Security Scan Report: mines-online.de

Submitted: May 27, 2026, 11:17:30 AMCompleted: May 27, 2026, 11:18:43 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 18 HTTP transactions. The main domain is mines-online.de.

Submitted URL: https://mines-online.de/doc/Agreement-settement/index.html#[email protected]

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

The site pretends to be DocuSign, harvests passwords via a password‑only form and embeds a mismatched email in the URL; it is a confirmed credential phishing scam.

Risk Factors
Brand impersonation
Credential harvesting form (password‑only)
Email in URL fragment with mismatched domain
Unranked domain reputation
Password field without username
Domain age information unavailable

Details

Page Title

DocuSign · Intelligent Agreement Management

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(48%)

Domain Information

Within the German country-code top-level domain (.de), 'mines-online.de' is registered while skipping any subdomain. Its registrable label 'mines-online' stretches across 12 characters holding five vowels versus 6 consonants, notching one hyphen. Splitting it apart reveals 2 words: mines, online. The median word length lands at 5.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mines-online.de/doc/Agreement-settement/index.html#rlfranklin@secure-u.com

Page Load Overview

6.72s
Total Load Time
16
HTTP Requests
9
Domains
516 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:480 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software48% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
48%
documentation technical
40%
government public service
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2104.26.2.6United States
AS13335Cloudflare, Inc.
2142.251.20.104United States
AS15169Google LLC
2192.0.78.24San Francisco, California, United States
AS2635Automattic, Inc
2142.251.110.94United States
AS15169Google LLC
2213.136.93.166Lauterbourg, Grand Est, France
AS51167Contabo GmbH
2142.251.151.119United States
AS15169Google LLC
2104.17.25.14United States
AS13335Cloudflare, Inc.
2142.250.154.95United States
AS15169Google LLC
168--

Detected Technologies3

PasswordField
100%
WordPress
75%
reCAPTCHA
45%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1CB1361067DD13C02664775FB3A5251D6E1A23A1F6402849AF10CFA96AFD2327EDF2E34

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:NwVjwNnyeF8FtMB1uhN79uCMHybLvYklQEY+9H89OCJ416o3UDk3QieqwV+APSZI:NiwNPi4ruhNUC1fCL0M3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:43665:AWgwAAWY0KJKVQ44YQMghOGPBRwQjwOEQGYpQRAABpgBEheG0ioToYNQQAZpvZChR6gU1xATAErRSACKMCGEhfwcKMKGwACD

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cbdfc7cbe7e7e3e7
Perceptual Hash:b1199cbc3139337c
Difference Hash:92121e1a0e0e060e
Wavelet Hash:c3c3c3c3c3c3c3c3
Color Hash:#abac53

Other Hashes

Crop Resistant:92121e1a0e0e060e

Scan History

Scan history not available

Unable to load historical scan data