ScanMalware.com

Security Scan Report: docateur.de

Redirected to:
https://docateur.de/login
Submitted: Apr 30, 2026, 5:42:05 AMCompleted: Apr 30, 2026, 5:43:36 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 1 HTTP transaction. The main domain is docateur.de.

Submitted URL: https://docateur.de/

Effective URL: https://docateur.de/loginRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

The site hosts a credential‑collecting login form on an unranked, newly registered domain while falsely displaying Google branding, indicating a high‑risk phishing/brand impersonation site.

Risk Factors
Unranked domain with unknown age
Brand mismatch – Google branding on unrelated domain
Credential collection form on a newly registered site
Domain age information unavailable

Details

Page Title

login | docateur

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(47%)

Domain Information

The domain name 'docateur.de' uses the German country-code top-level domain (.de) without a subdomain. The second-level label 'docateur' is 8 characters long split between four vowels and 4 consonants. Breaking it apart gives 3 words: doc, at, eur. Average segment length settles at three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://docateur.de/

Page Load Overview

2.40s
Total Load Time
38
HTTP Requests
7
Domains
308 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:192 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software47% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
47%
documentation technical
39%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
10142.251.127.84United States
AS15169Google LLC
7146.75.120.176Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
7216.24.57.1United States
AS397273Render
7104.26.3.143United States
AS13335Cloudflare, Inc.
765.8.131.30United States
AS16509Amazon.com, Inc.
385--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11843E955B414223AAC2785E0D9C8B66CF126F182EE3698FAF58D0465EFC3FF61C97604

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:DOhnY3Zkg+WbQkGk70rGV4xksc64Jysq7vkDMyJvlM/e:qh4Zkkr7ebx/c64Jysq7vkD7h

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:56127:yBhFoAxAkiKkwiCAQItgy2IEmiQEEgAIIglCWSI4bCIhAA6JxUF20ESXQADUAAhCJDGuAcIgEBEhjkgagCRNSIVBIMkSUZyB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7ffffe7e7fe
Perceptual Hash:f3c86623d9669989
Difference Hash:10280c30324c4d30
Wavelet Hash:ffe7e2d8d8c0c0c0
Color Hash:#2e2d86

Other Hashes

Crop Resistant:10280c30324c4d30

Scan History

Scan history not available

Unable to load historical scan data