365wtvip.cc
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of 365wtvip.cc
365wtvip.cc appears to present itself as an online betting or gambling portal, using prominent "bet365" branding, sports imagery, QR codes, and multiple alternate access domains. The page title and screenshot suggest it is targeting Chinese-speaking users and promoting mobile access to sports betting and related gaming services.
Based on the visible content, the site does not appear to be an independent informational page about betting; rather, it appears to function as a gateway or landing page directing visitors to gambling-related services and mirror domains. The operator is not clearly identified on the page, and the domain naming pattern, along with the listed backup domains, may indicate a network of related sites rather than a transparent, formally identified business presence.
Safety Assessment for 365wtvip.cc
Several risk indicators were present at the time of this scan. The domain was flagged by 13 out of 91 security engines, with multiple scanners classifying it as phishing or otherwise malicious. In addition, the page visually imitates the well-known bet365 brand while using a different domain, which may indicate a look-alike or impersonation setup intended to capture user trust. The domain is also very new, at roughly 60 days old, and it is not ranked in major popularity lists, both of which can increase uncertainty.
The malware scan also reported a malicious result and flagged one scanned page element, although blacklist databases checked here did not show listings at the time of the scan. That mixed picture can occur with newer or rotating campaigns, especially when a site changes domains frequently or relies on multiple alternate addresses. The presence of numerous similarly named related domains further adds to the overall risk profile.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate, hosted behind an nginx web server on a Google Cloud IP located in Tokyo, Japan. Its nameservers use Cloudflare, while DNSSEC appears to be unsigned. A valid certificate helps with encrypted transport, but it does not by itself indicate legitimacy.
From an infrastructure perspective, the domain is recently registered and uses a fairly standard cloud-hosted setup that can be deployed quickly. The combination of a young domain, unsigned DNSSEC, brand-like presentation on a non-official-looking domain, and multiple linked alternate domains may be considered notable security concerns at the time of review.
Share your experience with this website. Was it safe? Did you encounter any issues?