aktifkaans-payllterdnax.dipsea.biz.id
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of aktifkaans-payllterdnax.dipsea.biz.id
This website appears to present itself as a customer-care or account-activation page for DANA, an Indonesian digital wallet and payments platform. The page title, branding, and on-page text reference DANA directly, and the screenshot shows options such as activating DANA Paylater and DANA Cicil, along with financial-service imagery and logos associated with Indonesian commerce and regulation.
Based on the domain structure, however, this does not appear to be an official primary DANA domain. The hostname is unusually long, includes a distorted brand-like string, and is hosted under a third-level subdomain on dipsea.biz.id rather than on the brand's expected web properties. That combination suggests the page may be attempting to imitate a financial-service login or support workflow rather than serving as a standard corporate website.
The operator is not clearly identified on the page data provided. While the content references DANA and links to legitimate DANA-related assets, the domain registration details point to a recently created domain registered through a local registrar, which may indicate the site is operated by an unrelated third party.
Safety Assessment for aktifkaans-payllterdnax.dipsea.biz.id
This domain shows multiple high-risk indicators at the time of this scan. It was flagged by 14 out of 91 security engines, with most detections describing phishing or malicious behavior. The page also appears to imitate a known financial brand while using a non-official domain, which is a common pattern in credential-harvesting and payment-account fraud. The very low trust score, lack of ranking, and extremely recent registration further increase concern.
Although one malware scan did not detect malicious files and several blacklist databases were clean at the time of this scan, those signals do not outweigh the broader phishing indicators here. Newly created phishing pages often have limited file-based detections and may not yet appear on every blacklist. The domain name closely resembles a branded financial-service workflow and may be a look-alike intended to mislead visitors into believing they are interacting with DANA.
Based on these findings, this website may pose potential risks to visitors. Users should be cautious about entering login credentials, phone numbers, payment details, or one-time codes on this page.
Technical Description
The site was reachable over HTTPS with a valid TLS certificate issued by a mainstream certificate authority, fronted by Cloudflare infrastructure, and resolving to a Cloudflare IP address in Toronto, Canada. A valid certificate only indicates encrypted transport and does not by itself confirm legitimacy. The domain uses Cloudflare nameservers and appears to be proxied through Cloudflare's web server layer.
From a domain-security perspective, the registration age is a significant concern: the domain is only 2 days old at the time of this scan. DNSSEC is unsigned, which is not uncommon but provides no additional DNS integrity assurance. The combination of a newly registered domain, brand-referencing content, and phishing detections across multiple security engines is technically consistent with short-lived impersonation infrastructure.
Share your experience with this website. Was it safe? Did you encounter any issues?