danaid.7xb.web.id
Category: Phishing And Fraud
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of danaid.7xb.web.id
The domain danaid.7xb.web.id appears to host a page themed around DANA, an Indonesian digital wallet and payments brand. Its title and metadata present it as an account recovery or account assistance page, and the screenshot shows DANA branding, support-style imagery, and menu options related to account problems, refunds, and device logout.
Based on the domain structure, this does not appear to be an official primary domain for the DANA service. The page also pulls branding assets and references from domains associated with DANA and from a separate development-hosted site, which suggests it may be attempting to mimic a legitimate financial service interface rather than operate as an independently branded website.
The site appears to target Indonesian users seeking help with DANA account issues. Given the branding, wording, and page layout, its apparent purpose may be to persuade visitors to interact with a fake support or recovery workflow.
Safety Assessment for danaid.7xb.web.id
Multiple security signals indicate elevated risk at the time of this scan. The domain was flagged by 23 out of 91 security engines, and several web-classification providers categorized it as phishing or fraud-related. In addition, one threat database listing was present, and the page content strongly resembles a financial-service account recovery screen using DANA branding on a non-official-looking domain.
The domain is also very new, with an age of about 70 days, and it is not ranked among widely visited sites. That combination of recent registration, strong multi-engine phishing detections, and branding associated with a known payment platform may indicate an attempt to collect credentials, OTP codes, or other sensitive financial information. The malware scan also reported suspicious elements, including a flagged HTML file and multiple suspicious linked assets.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate at the time of the scan. It resolved to an IP hosted by OVH Singapore PTE. LTD and used a LiteSpeed web server. DNSSEC appears to be unsigned, which is not uncommon but does reduce one layer of DNS integrity assurance.
From a security perspective, the more notable concerns are reputational and content-based rather than TLS-related. The domain is newly registered, uses a subdomain under a shared web.id namespace, and references assets from another development-hosted domain while presenting payment-brand imagery. Those factors, together with the phishing detections and suspicious flagged file lg1.html, may be consistent with a short-lived credential-harvesting setup.
Share your experience with this website. Was it safe? Did you encounter any issues?