ScanMalware.com

Security Scan Report: login-vb.com

Redirected to:
https://www.berliner-volksbank.de/services_auth/auth-frontend/?v=07a7e...
Submitted: Apr 6, 2026, 2:06:10 PMCompleted: Apr 6, 2026, 2:07:24 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 1 HTTP transaction. The main domain is berliner-volksbank.de.

Submitted URL: https://login-vb.com/

Effective URL: https://www.berliner-volksbank.de/services_auth/auth-frontend/?v=07a7e3dbcdf7b0a2ba613ec32cecba4f&client_id=fkp&redirect_uri=https:%2F%2Fwww.berliner-volksbank.de%2Fservices_cloud%2Fportal%2Fportal-oauth%2FloginRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing site impersonating Berliner Volksbank; harvests passwords via cross‑origin form.

Risk Factors
New domain (<7 days) with login form
Password‑only field (credential harvesting pattern)
Cross‑origin credential submission
Brand impersonation of a major bank
High‑severity IDS phishing alert
Domain age information unavailable

Details

Page Title

Log in - Berliner Volksbank

Scan Type

public

Language

🇩🇪

German

(50% confidence)

Category

finance banking

(96%)

Domain Information

You're looking at domain 'login-vb.com' on the commercial generic top-level domain (.com) without a subdomain. Count 8 characters in 'login-vb' holding two vowels versus 5 consonants, notching one hyphen. It segments into two words: login, vb. The median word length lands at 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://login-vb.com/

Page Load Overview

3.39s
Total Load Time
101
HTTP Requests
4
Domains
1.8 MB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:en-GB
Text Length:743 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as de

Website Classification

Primary Category

finance banking96% confidence
Type: static
Method: ml+structural

All Detected Categories

finance banking
96%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
26192.0.78.27San Francisco, California, United States
AS2635Automattic, Inc
25184.24.77.30Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
25172.67.176.88United States
AS13335Cloudflare, Inc.
25195.200.51.198Germany
AS15590Atruvia AG
1014--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E005A544DB22202E7C2E5DF5C4D1AA64EBC0FD45D7827ADAFA2A1FA8C6C7DE1006C745

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:0oxPhFfEKCu7pWiUAN86NwGAJeD+4vDE4uB2dUkA5NdD5FBxXGvZekU+FXREAJm1:0oxrWV3GvZekU+FXREAJ7QAjWP

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:844827:AIdg5SJCxIwAAgIo3AggAFALTEDnRqAAiwE0iowgGGJIATRAojFYTWIeFCCsweQCMwp6CkAM8AEKw0plheAJARQEdKwTgACg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffbfffefefffff
Perceptual Hash:9f470e33630c3b33
Difference Hash:604066e2da583424
Wavelet Hash:003e1e3e62321111
Color Hash:#ac5365

Other Hashes

Crop Resistant:604066e2da583424,0101010101010101

Scan History

Scan history not available

Unable to load historical scan data