coinbase-airdrop.b12sites.com
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of coinbase-airdrop.b12sites.com
This domain appears to be a page hosted on the b12sites.com website-building platform, using the subdomain name "coinbase-airdrop". Based on the naming pattern, it likely presents itself as something related to a cryptocurrency giveaway or promotional claim connected to Coinbase. The term "airdrop" is commonly used in the cryptocurrency sector for token distributions, but it is also frequently used in deceptive campaigns to attract wallet connections, credential entry, or other sensitive actions.
The underlying parent domain appears to be operated by a site-building or hosting service rather than by Coinbase itself. That means this is likely a user-created page hosted on shared infrastructure, not an official Coinbase-owned domain. The domain name closely resembles the Coinbase brand while adding an extra promotional term, which may cause confusion for visitors who are expecting an official cryptocurrency service or reward page.
Safety Assessment for coinbase-airdrop.b12sites.com
Multiple security signals indicate elevated risk at the time of this scan. The domain was flagged by 12 out of 91 security engines, with several classifying it as phishing, and it was also listed by a major threat database for social-engineering activity. In addition, the domain closely resembles coinbase.com while using a hosted subdomain format, which may indicate a look-alike page intended to benefit from brand recognition.
Although the domain itself is several years old, that age appears to reflect the parent hosting domain rather than proving legitimacy for this specific branded subpage. The site has no meaningful traffic ranking, and the naming pattern "coinbase-airdrop" aligns with common cryptocurrency lure themes. The malware scan did not detect malicious files in the limited content checked, but phishing pages often rely on deceptive forms and branding rather than downloadable malware.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site presented a valid Let's Encrypt SSL certificate at the time of scanning, which means traffic may be encrypted in transit, but HTTPS alone does not indicate legitimacy. It resolves to an AWS EC2 IP address in us-east-1, suggesting it is hosted on cloud infrastructure commonly used for both legitimate and abusive short-lived pages. The web server software was not identified from the available data.
DNSSEC appears to be unsigned, so DNS responses do not appear to have that additional integrity protection. No DNS-based mail-reputation blocklist hits were reported. From a technical standpoint, the main concern is not the TLS setup but the combination of cloud-hosted infrastructure, brand-resembling naming, and phishing-related detections across multiple security sources.
Share your experience with this website. Was it safe? Did you encounter any issues?