# danaid1.layanan-resmii.biz.id — MALICIOUS > Danaid1.layanan-resmii.biz.id is identified as a high-risk phishing domain. Stay vigilant and avoid interaction to protect your data. ## Summary PhishDestroy identifies danaid1.layanan-resmii.biz.id as a domain involved in generic phishing activities posing a high risk to users. The domain aims to deceive victims into revealing sensitive information such as login credentials or financial data by masquerading as a legitimate service. Due to the nature of phishing threats, users interacting with this domain are at significant risk of data compromise and potential financial loss. Technical analysis shows that danaid1.layanan-resmii.biz.id resolves to the IP address 188.114.96.3, which is associated with malicious activity according to various threat intelligence sources. VirusTotal flags this domain by 10 out of 95 security vendors, indicating a consensus on its suspicious behavior. The domain’s structure, including the use of subdomain and a suspicious second-level domain (layanan-resmii.biz.id), is characteristic of phishing campaigns designed to mimic official government or service portals to gain user trust. Currently, danaid1.layanan-resmii.biz.id remains active and continues to pose a significant threat. PhishDestroy strongly recommends avoiding any interaction with this domain, refraining from clicking any links or providing personal information. Organizations should consider blocking this domain at network gateways and update their security filters accordingly. Users are advised to verify URLs carefully and report suspected phishing domains to their security teams or appropriate authorities. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 200) - Page title: DANA - Apa pun transaksinya selalu ada DANA ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 188.114.96.3 - Nameservers: NS_NOT_FOUND ## Detection Status - VirusTotal: 19 vendors flagged Vendors: ["ADMINUSLabs", "BitDefender", "CRDF", "Cluster25", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "SOCRadar", "Sophos", "Trustwave", "VIPRE", "Webroot"] - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["PhishDestroy"] ## Live Page Content ### Page Text Your request was blocked. ## Evidence - Screenshot: https://i.ibb.co/CKYr6MXb/e6bdcefa16cd.png - Cloudflare Radar: https://radar.cloudflare.com/scan/9302809d-33fa-45ba-be32-ad7fd1310c50 - PhishDestroy: https://phishdestroy.io/domain/danaid1.layanan-resmii.biz.id/ ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/danaid1.layanan-resmii.biz.id/ Last updated: 2026-03-14