ScanMalware.com

Security Scan Report: mines-online.de

Submitted: May 27, 2026, 10:58:48 AMCompleted: May 27, 2026, 11:00:01 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 18 HTTP transactions. The main domain is mines-online.de.

Submitted URL: https://mines-online.de/doc/Agreement-settement/index.html#[email protected]

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

The site impersonates DocuSign, harvests passwords via a password‑only form, and embeds an email in the URL fragment; multiple strong signals confirm a credential phishing scam.

Risk Factors
Brand impersonation
Credential harvesting (password‑only form)
Email address in URL fragment
Unranked domain reputation
Password field without accompanying username/email field
Domain age information unavailable

Details

Page Title

DocuSign · Intelligent Agreement Management

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(47%)

Domain Information

The domain 'mines-online.de' uses the German country-code top-level domain (.de). Its registrable label 'mines-online' stretches across 12 characters holding 5 vowels versus six consonants, plus one hyphen. Tokenizing the label suggests two words: mines, online. Average segment length settles at 5.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mines-online.de/doc/Agreement-settement/index.html#rfranklin@secure-u.com

Page Load Overview

7.01s
Total Load Time
16
HTTP Requests
9
Domains
516 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:479 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software47% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
47%
documentation technical
42%
government public service
25%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2213.136.93.166Lauterbourg, Grand Est, France
AS51167Contabo GmbH
2142.251.110.94United States
AS15169Google LLC
2172.217.208.95United States
AS15169Google LLC
2142.251.152.119United States
AS15169Google LLC
2104.17.24.14United States
AS13335Cloudflare, Inc.
2192.0.78.25San Francisco, California, United States
AS2635Automattic, Inc
2172.67.69.232United States
AS13335Cloudflare, Inc.
2192.178.183.147United States
AS15169Google LLC
168--

Detected Technologies3

PasswordField
100%
WordPress
75%
reCAPTCHA
45%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19F1361067DD13C02664775FB3A5251D6E1A23A1F6402849AF10CFA96AFD2327EDF2E34

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:NwVjwNnyeF8FtMB3uhN79uCMHybLvYklQEY+9H89OCJ416o3UDk3QieqwV+APSZI:NiwNPi4FuhNUC1fCL0M3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:43663:ACQAwChSFdIC0QQIQIAMTlMhikIBBBIRMBSmsAhCAAkAE4LCgdUlAWIxSMYrFzwMKKPEy0QQoaBgCEBRpCmgB6IIGJBAGSYj

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cbdfc7cbe7e7e3e7
Perceptual Hash:b1199cbc3139337c
Difference Hash:92121e1a0e0e060e
Wavelet Hash:c3c3c3c3c3c3c3c3
Color Hash:#4e2dd2

Other Hashes

Crop Resistant:92121e1a0e0e060e

Scan History

Scan history not available

Unable to load historical scan data