lockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onion.ly
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of lockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onion.ly
The domain lockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onion.ly appears to be a non-standard web address that references an onion-style name through the onion.ly gateway. Based on the hostname structure, it may be attempting to present or proxy content associated with a Tor hidden-service style address rather than a conventional public website. The scan data does not indicate a clear legitimate business, publisher, or organization operating the site, and the domain is not ranked among widely visited websites.
Infrastructure clues suggest the page may be tied to domain monetization or placeholder-style content rather than a fully developed service. References to parking-related assets, above-domain nameservers, and hosting associated with parking infrastructure may indicate that the domain is being routed through a parked or intermediary setup. Based on available data, there is limited evidence of normal site content, ownership transparency, or established public-facing operations.
Safety Assessment for lockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onion.ly
This domain was flagged by 11 out of 91 security engines at the time of the scan, which is a meaningful level of consensus rather than a single isolated heuristic. In addition, the malware scan reported suspicious findings across several page resources and links, including a generic malicious-object classification tied to the domain and embedded paths. While some of these detections may relate to parking or tracking components, the volume of alerts suggests the site may present elevated risk.
Blacklist and reputation data were mixed. Several major threat databases were clean at the time of this scan, but two blacklist-style sources listed the domain with generic malicious or suspicious classifications. The domain is also relatively new, lacks established traffic signals, and uses infrastructure patterns commonly seen with parked or low-trust domains. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site presented a valid Let's Encrypt SSL certificate that was set to expire on 2026-08-17, which indicates HTTPS was configured at the time of testing. The domain is hosted on IP address 103.224.182.238 with hosting attributed to Trellian Pty. Limited, and it uses ns127.abovedomains.com and ns128.abovedomains.com as nameservers. DNSSEC appears to be unsigned.
Several technical indicators point to low-trust or intermediary infrastructure: the domain is only 219 days old, the server stack is not clearly identified, and scan results reference parking-related asset paths and fingerprinting-style JavaScript resources. These factors do not prove harmful intent on their own, but they may reduce confidence in the site's legitimacy and operational transparency.
Share your experience with this website. Was it safe? Did you encounter any issues?