ScanMalware.com

Security Scan Report: raiffeisenonline.ro

Redirected to:
https://www.raiffeisenonline.ro/eBankingWeb/login
Site favicon
Submitted: May 11, 2026, 6:26:02 PMCompleted: May 11, 2026, 6:27:15 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 37 HTTP transactions. The main domain is raiffeisenonline.ro and was registered NaN years ago.

Submitted URL: https://raiffeisenonline.ro

Effective URL: https://www.raiffeisenonline.ro/eBankingWeb/loginRedirected

The Cisco Umbrella rank of the primary domain is #424,585 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 80%

7
Risk Score

The site mimics Raiffeisen Bank, has a critical C2 alert and heavily obfuscated scripts, indicating high‑risk malware distribution. Avoid interaction and report.

Risk Factors
Critical IDS alert indicating possible malware command‑and‑control activity
Low Cisco Umbrella ranking for a high‑profile brand
Highly obfuscated JavaScript code
Suspicious login form lacking password field (potential credential harvesting)
Brand impersonation on a non‑official domain
Domain age information unavailable

Details

Page Title

Raiffeisen Bank - Login

Scan Type

public

Language

🇷🇴

RO

(21% confidence)

Category

documentation technical

(92%)

Domain Information

The domain 'raiffeisenonline.ro' uses the Romanian country-code top-level domain (.ro). Count 16 characters in 'raiffeisenonline' holding 8 vowels versus eight consonants. Splitting it apart reveals 4 words: r, aiff, eisen, online. Median word length comes out to 4.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://raiffeisenonline.ro

Page Load Overview

3.58s
Total Load Time
49
HTTP Requests
2
Domains
1.0 MB
Total Size

Language Analysis

Primary Language

🇷🇴Romanian
Code: ro
Confidence:21%
Script:Unknown
Direction:ltr

Detection Details

Language Code:ro
Detection Confidence:21%
Script Type:Unknown
Text Length:1,213 chars
Detector Agreement:50%

Website Classification

Primary Category

documentation technical92% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

documentation technical
92%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
49193.138.103.5Romania
AS28853Raiffeisen Bank SA
491--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D2417CCE0C1DD51AC0103AF5F055E74AC494D209D271CAA869F0C67EBAF6AD8D81DFA8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:ImipIJZwCxA9ECzAaCoAx1CwAxrCsyAVwCI4wCBNAoFOLc+/Xu:frxApzAhoAxowAxGvA11XAoFOLZ/Xu

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2072:BACgAAAAShAQEAAAAAAAAAAICIBRABAAAEISIAJQACAAAIIAABRAAIGIBAAAIgAAAAIAAQEAAIgAQCEAAJQgIAAAAAAAAAAA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00000000ffffffff
Perceptual Hash:8000800000000000
Difference Hash:0000000000000000
Wavelet Hash:00000000ffffffff
Color Hash:#6c783a

Other Hashes

Crop Resistant:0000000000000000

Scan History

Scan history not available

Unable to load historical scan data