ScanMalware.com

Security Scan Report: banking.whoherbert.org

Redirected to: https://wise.com/login

Submitted: Mar 24, 2026, 3:40:51 AMCompleted: Mar 24, 2026, 3:41:46 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main domain is wise.com and was registered NaN years ago.

Submitted URL: http://banking.whoherbert.org/

Effective URL: https://wise.com/loginRedirected

AI Security Verdict

Moderate Risk

Confidence: 78%

4
Risk Score

The page imitates Wise login on an unrelated, unranked domain; while the final URL is legitimate, the presence of a credential form on this domain warrants caution.

Risk Factors
Login form on a domain that does not match the branded Wise identity
Cross‑origin credential submission to the official Wise site
Unranked domain increases suspicion for brand impersonation
Safety Factors
Domain is over 30 years old, indicating a well‑established site
No malicious Indicators of Compromise detected
No JavaScript malware patterns identified
Final URL (wise.com) matches the Wise brand
HTTPS used for the final destination
Domain age information unavailable

Details

Page Title

Wise - Login

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

social media network

(80%)

Domain Information

Within the non-profit oriented generic top-level domain (.org), 'banking.whoherbert.org' is registered and includes subdomain 'banking'. Count 10 characters in 'whoherbert' split between three vowels and seven consonants. Breaking it apart gives 2 words: who, herbert. Median word length is five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://banking.whoherbert.org/

Page Load Overview

2.43s
Total Load Time
55
HTTP Requests
8
Domains
174 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:377 chars
Detector Agreement:100%

Website Classification

Primary Category

social media network80% confidence
Type: spa
Method: ml+structural

All Detected Categories

social media network
80%
technology software
58%
documentation technical
35%
finance banking
35%
corporate
25%

Detected Features

Login Form
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
13142.251.37.8United States
AS15169
7150.171.28.10United States
AS8075Microsoft Corporation
783.243.41.150Germany
AS34549meerfarbig GmbH & Co. KG
7104.18.95.41United States
AS13335Cloudflare, Inc.
735.186.241.51United States
AS13335
734.95.85.136Kansas City, Missouri, United States
AS396982Google LLC
7104.18.39.116United States
AS13335Cloudflare, Inc.
557--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14BA3195E81101C7707C307C776769A0F306B94C8CAD1A4AD8FB9428EA7DAFA5732B9C5

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:RoZ785Iy8dec7nPD+/0r6C7cQhvtNRiq/mZJYFmkKE5BhCaGWV2ayf3KYWZMr6F:RoX7nPDFr6C7cQhvtr/+rJkF7eOF

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:103760:E0wUuKQQgsAGCwAgRbMAJ0qGJlARC2KEWBACISgic+CEDDsxASSKNALAAiMgFRcIMybkwAKCiyOQOPBIIQSVDZYAQMhkEG6U

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000007e7e
Perceptual Hash:926d963d0c9e6996
Difference Hash:294d4d114d0ff8e8
Wavelet Hash:0107030707077f7f
Color Hash:#78633a

Other Hashes

Crop Resistant:294d4d114d0ff8e8

Scan History

Scan history not available

Unable to load historical scan data