ScanMalware.com

Security Scan Report: wsfsbank.hive.templafy.com

Redirected to: https://login.microsoftonline.com/f9b3ecb3-61af-40a1-b741-e52b6fce574d/saml2?sso_reload=true

Submitted: Apr 8, 2026, 4:05:40 PMCompleted: Apr 8, 2026, 4:06:51 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://wsfsbank.hive.templafy.com

Effective URL: https://login.microsoftonline.com/f9b3ecb3-61af-40a1-b741-e52b6fce574d/saml2?sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #24,057 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 88%

3
Risk Score

The site appears to be a legitimate SSO redirect to Microsoft, but the critical IDS alert and obfuscated script suggest caution.

Risk Factors
Cross‑origin credential form (email + password) to an external domain
Critical network IDS alert indicating possible malicious large POST request
Highly obfuscated JavaScript (possible attempt to hide behavior)
Safety Factors
Domain age 8673 days (well‑established)
Cisco Umbrella ranking within top 100 K (indicates reputable domain)
No malicious Indicators of Compromise matches found
No YARA JavaScript malware patterns detected
Final destination is the official Microsoft login service
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(39%)

Domain Information

Within the commercial generic top-level domain (.com), 'wsfsbank.hive.templafy.com' is registered, featuring subdomain 'wsfsbank.hive'. The second-level label 'templafy' is 8 characters long holding 2 vowels versus 6 consonants. Segmentation suggests three words: temp, la, fy. Expect 2 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://wsfsbank.hive.templafy.com

Page Load Overview

1.60s
Total Load Time
31
HTTP Requests
8
Domains
549 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:119 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking39% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
39%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7104.208.16.91United States
AS8075
420.185.96.60Washington, Virginia, United States
AS8075Microsoft Corporation
440.126.31.71GermanyUnknown
413.107.246.44United States
AS8075Microsoft Corporation
420.190.160.66UnknownUnknown
440.126.32.140UnknownUnknown
42.16.241.211UnknownUnknown
317--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FC734AD97EA7293B878641B1B5B97E02AB366903894CDC60F64CC8883FEB74D9133547

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:la8GLG2eTvi5IyEk77gx2xpTvPoMmCfmEBfipwC:Q8N7iQ32RAaC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:79460:KClAjMIDELAnMLrBAAAYGqKGBAwgRUIFWBBJAgtkMSiTKYsiyg4JAi5FIAIAZLFhAbig2rYJFxhSoBqFAQpgBWU0o4SAODQG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000183818180000
Perceptual Hash:cccd3332ccc79998
Difference Hash:0010b272b2b20c31
Wavelet Hash:30303c3c3c3c0001
Color Hash:#9b2dd2

Other Hashes

Crop Resistant:b2f2f2bcb383aca2,a080c03032f08092,0010b272b2b20c31

Scan History

Scan history not available

Unable to load historical scan data