ScanMalware.com

Security Scan Report: scaweb2.bsan.mobi

Redirected to: https://scaweb2.bsan.mobi/sca/errors/authenticate

Submitted: Jan 25, 2026, 4:39:04 PMCompleted: Jan 25, 2026, 4:40:36 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 1 HTTP transaction. The main domain is scaweb2.bsan.mobi and was registered NaN years ago.

Submitted URL: https://scaweb2.bsan.mobi/hcgbvua

Effective URL: https://scaweb2.bsan.mobi/sca/errors/authenticateRedirected

AI Security Verdict

High Risk

Confidence: 78%

8
Risk Score

Page impersonates Santander on an unranked domain – likely phishing.

Risk Factors
Brand impersonation (Santander) on unrelated domain
Unranked/low‑reputation domain claiming a major brand
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by imperva bot protection. Our scanner was challenged or blocked during access.

Page Title

SCA - Medios de Pago

Scan Type

public

Language

🇪🇸

Spanish

(52% confidence)

Category

finance banking

(97%)

Domain Information

The domain 'scaweb2.bsan.mobi' uses the .mobi top-level domain; it also runs on subdomain 'scaweb2'. The second-level label 'bsan' is 4 characters long holding 1 vowel versus three consonants. Breaking it apart gives two words: b, san. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://scaweb2.bsan.mobi/hcgbvua

Page Load Overview

2.42s
Total Load Time
31
HTTP Requests
8
Domains
519 KB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:52%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:52%
Script Type:Latin
HTML Lang Attribute:en
Text Length:121 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as es

Website Classification

Primary Category

finance banking97% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
97%
phishing scam
63%
documentation technical
35%
corporate business
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1613.33.187.60United States
AS15169
1545.60.197.69United States
AS19551Incapsula Inc
312--

Detected Technologies6

Imperva
85%
Dynatrace
50%
HSTS
40%
Google Analytics
35%
Tealium
20%
Dynatrace RUM
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14322C4834B5881779DBA8DADEDF13E04B02AA49BE029C2C1D95F1513F87D8E589EC74C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:TDNK7J+O8/ATUOfgFRT70i1C03zjKiy/mZfvrd6tWTU8+ATZcRrrZEahOppE+/nN:I7JX8yfDWFfvR6N8BN4uaiI1xw9MSNP

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:10534:woKag5UKEMgJ6FAGFQITlqABaxYgQAtYAAgxIKTKZghK1aCQEBQMRHKgQwKaBFGl4iGxiEEHUEQdLQdfRQCQ0dAiHAoUBARB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7ffffe7e7e7ffff
Perceptual Hash:e699993366889b33
Difference Hash:0800000c0c080000
Wavelet Hash:273f272707070f0f
Color Hash:#3a785a

Other Hashes

Crop Resistant:0800000c0c080000

Scan History

Scan history not available

Unable to load historical scan data