ScanMalware.com

Security Scan Report: bienlinea.bi.com.gt

Redirected to:
https://www.bienlinea.bi.com.gt/InicioSesion/Inicio/Autenticar
Site favicon
Submitted: May 14, 2026, 4:37:07 AMCompleted: May 14, 2026, 4:39:23 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 43 HTTP transactions. The main domain is bienlinea.bi.com.gt.

Submitted URL: https://bienlinea.bi.com.gt

Effective URL: https://www.bienlinea.bi.com.gt/InicioSesion/Inicio/AutenticarRedirected

The Cisco Umbrella rank of the primary domain is #196,454 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Site impersonates Banco Industrial, harvests passwords, and shows a critical C2 beacon; treat as confirmed malware/phishing scam.

Risk Factors
Brand impersonation (Banco Industrial)
Credential harvesting form with password only
Critical IDS malware/C2 alert
Unknown / newly registered domain
Low domain reputation ranking
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by imperva bot protection. Our scanner was challenged or blocked during access.

Page Title

BI En Línea

Scan Type

public

Language

🇪🇸

Spanish

(50% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'bienlinea.bi.com.gt' on the Guatemalan country-code top-level domain (.com.gt) and includes subdomain 'bienlinea'. The second-level label 'bi' is 2 characters long holding 1 vowel versus one consonant. Splitting it apart reveals 1 word: bi. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bienlinea.bi.com.gt

Page Load Overview

4.10s
Total Load Time
47
HTTP Requests
6
Domains
4.3 MB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:en
Text Length:957 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as es

Website Classification

Primary Category

unknown0% confidence
Type: spa
Method: structural

All Detected Categories

No categories detected

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
12142.251.150.119United States
AS15169Google LLC
7142.250.154.97United States
AS15169Google LLC
7172.66.154.78United States
AS13335Cloudflare, Inc.
7142.251.110.94United States
AS15169Google LLC
745.60.14.249United States
AS19551Incapsula Inc
7149.126.77.241Frankfurt am Main, Hesse, Germany
AS19551Incapsula Inc
476--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E6433C166CF001274433B06997EBE61DF5B1A107A619CC5036AC87D41FCAFEA5EA3ED8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:6h+OMa5ZDxEZz7IDIMIXkZ+bjaf35tCgqdg+YgdZ:6hPf5ZDx2z7IDIM4jaf370dg+YgdZ

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:56390:QIwSQCSG1CpAQjw0OJyomhCQARUiQfoNh1ME4BZODtUUAA0QAwsEyZVhAEIwEiBFICQITV0sIAA4IABITKh1hxRcYnAyUbAh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data