18075.xyz
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of 18075.xyz
18075.xyz appears to be a Chinese-language online betting or gambling website. The page title references “BET365,” and the screenshot shows sports betting, live match listings, casino-style sections, and promotional banners aimed at users interested in wagering and gaming content. The homepage layout includes sports, esports, lottery, and live-betting style navigation, which suggests the site is presenting itself as a multi-category gambling platform.
Based on the domain itself, this does not appear to be an official branded domain for the well-known betting company referenced in the page title and visual branding. Instead, it appears to be a newly registered numeric .xyz domain being used to host a gambling-themed site that may be attempting to benefit from recognition associated with that brand. The domain was registered very recently and is hosted on infrastructure in Hong Kong, with no visible indication in the provided scan data of a clearly identified legitimate operator.
Safety Assessment for 18075.xyz
This domain shows multiple risk indicators at the time of this scan. It was flagged by 12 out of 91 security engines, with many of those detections classifying it as phishing or malicious. In addition, several web-classification sources categorized the site as phishing, fraud, or gambling-related content. The screenshot and page metadata also show branding associated with a major betting company while using an unrelated, newly created .xyz domain, which may indicate a look-alike or impersonation attempt.
The domain is only 2 days old, has no established traffic ranking, and uses a generic numeric domain name rather than a recognizable official brand domain. A malware scan also marked 11 JavaScript files as suspicious, although those detections were generic rather than tied to a named malware family. Blacklist data was mixed: major content-malice databases shown in the scan were largely clean at the time of review, but the domain or its infrastructure was listed by one mail-reputation blocklist and one generic malicious-object database, which adds some caution.
Taken together, the combination of multi-engine phishing detections, very recent registration, brand-style presentation on an unrelated domain, and suspicious script findings suggests elevated risk. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate expiring on 2026-09-26. It is hosted on an Nginx web server at IP address 154.39.104.132, associated with hosting infrastructure in Chai Wan, Hong Kong. DNSSEC appears to be unsigned, which is common but means DNS responses do not benefit from that additional integrity layer.
From a security perspective, the most notable technical concerns are the very recent domain registration, the lack of DNSSEC, and the malware scan’s generic suspicious findings across multiple JavaScript assets. The site also references external services such as Telegram and a CAPTCHA-related script, which is not inherently malicious, but in the context of phishing-related detections it may warrant additional caution.
Share your experience with this website. Was it safe? Did you encounter any issues?