code-immutable.fyi
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of code-immutable.fyi
code-immutable.fyi appears to present itself as a lightweight code-sharing platform branded as "LegalCode" or "Immutable Code." Based on the page title, on-page text, and screenshot, the site claims to let users publish read-only code snippets that "can never be changed," with suggested use cases such as documentation, educational materials, and sharing exact code versions with teams.
The homepage shown is minimal and functional rather than content-rich. It includes a folder-name field, a large text area for pasting code, and a "Publish Code" button, suggesting a pastebin-style or snippet-hosting service. No clear company identity, operator details, or organizational background are visible in the provided page content, so the operator cannot be independently confirmed from the available data.
The domain itself uses a .fyi extension and appears to be very new. Combined with the sparse presentation and lack of visible trust signals such as documentation, legal pages, or contact information in the screenshot, it may be an early-stage tool, a niche utility site, or a temporary service deployment.
Safety Assessment for code-immutable.fyi
This domain was flagged by 3 out of 92 security engines at the time of the scan, with multiple web-classification sources labeling it as phishing or fraud-related, while another source categorized it as a newly registered website. At the same time, malware scanning did not identify malicious files in the limited sample examined, and major blacklist databases checked in this scan did not report the domain as listed.
The strongest cautionary factor is the domain's age: it was registered only 9 days before the scan. Very new domains can be legitimate, but they are also commonly associated with short-lived abuse because they have little reputation history. The site also has no ranking data and presents a very minimal interface with limited visible business or ownership information, which may make trust assessment more difficult.
Because there is a small but non-trivial multi-engine detection signal, phishing-related categorization from multiple sources, and a very recent registration date, the site may pose potential risks despite the absence of blacklist hits and the clean malware-file scan. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid Let's Encrypt SSL certificate and is served through Cloudflare infrastructure, with the observed server IP resolving to Cloudflare and nameservers also hosted there. This setup may provide CDN and reverse-proxy benefits, but it can also obscure the origin server, which is common for both legitimate and questionable sites. DNSSEC appears to be unsigned at the time of the scan.
No flagged files, external links, referenced domains, or iframes were identified in the provided scan results, which limits evidence of active payload delivery from the sampled page. However, the domain is extremely new, the protocol details were not fully identified in the scan output, and the sparse site structure leaves relatively little technical context to validate long-term legitimacy.
Share your experience with this website. Was it safe? Did you encounter any issues?