lock-binance.us Open in urlscan Pro
2606:4700:3033::6815:4202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lock-binance.us/
Submission: On September 28 via api (September 28th 2024, 12:51:35 pm UTC) from US — Scanned from US

Summary HTTP 10 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3033::6815:4202, located in United States and belongs to CLOUDFLARENET, US. The main domain is lock-binance.us.
TLS certificate: Issued by WE1 on September 21st 2024. Valid for: 3 months.

This is the only time lock-binance.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Binance (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3033::6815:4202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.21.73.249 23.21.73.249	14618 (AMAZON-AES) (AMAZON-AES)
10	3

9 2606:4700:3033::6815:4202 (United States)

ASN13335 (CLOUDFLARENET, US)

lock-binance.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.73.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-73-249.compute-1.amazonaws.com

httpbin.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	lock-binance.us lock-binance.us	941 KB
1	httpbin.org httpbin.org	188 B
10	2

	Domain	Requested by
9	lock-binance.us	lock-binance.us
1	httpbin.org	aio-panel
10	2

This site contains links to these domains. Also see Links.

Domain
www.binance.us
www.cookieyes.com
support.binance.us
blog.binance.us
bamus.bamboohr.com
docs.binance.us
www.facebook.com
www.twitter.com
www.linkedin.com
t.me
www.youtube.com
www.instagram.com
www.reddit.com
discord.gg
www.tiktok.com

Subject Issuer	Validity	Valid
lock-binance.us WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh
httpbin.org Amazon RSA 2048 M02	`2024-08-20` - `2025-09-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lock-binance.us/
Frame ID: 10FFCE65226C4A0F452862BB1C88CC57
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1122 kB
Transfer

2096 kB
Size

0
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://www.binance.us/cookie-policy
Title: See our Cookie Policy for more information.

Search URL Search Domain Scan URL

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://www.binance.us/

Search URL Search Domain Scan URL

URL: https://www.binance.us/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.binance.us/trust
Title: Trust

Search URL Search Domain Scan URL

URL: https://www.binance.us/compliance
Title: Compliance

Search URL Search Domain Scan URL

URL: https://support.binance.us/hc/en-us/articles/360050532193
Title: Licenses

Search URL Search Domain Scan URL

URL: https://blog.binance.us/
Title: Blog

Search URL Search Domain Scan URL

URL: https://support.binance.us/hc/en-us/categories/360003671074-Announcements
Title: Announcements

Search URL Search Domain Scan URL

URL: https://bamus.bamboohr.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.binance.us/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.binance.us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://support.binance.us/hc/en-us/articles/12384604895127-Binance-US-Law-Enforcement-Guide
Title: Law Enforcement Guide

Search URL Search Domain Scan URL

URL: https://www.binance.us/personal
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.binance.us/buy
Title: Buy & Sell

Search URL Search Domain Scan URL

URL: https://www.binance.us/convert
Title: Convert

Search URL Search Domain Scan URL

URL: https://www.binance.us/spot-trade/btc_usd
Title: Spot Trading

Search URL Search Domain Scan URL

URL: https://www.binance.us/otc
Title: OTC

Search URL Search Domain Scan URL

URL: https://www.binance.us/staking
Title: Staking

Search URL Search Domain Scan URL

URL: https://www.binance.us/pay
Title: Pay

Search URL Search Domain Scan URL

URL: https://www.binance.us/institutions
Title: Institutions

Search URL Search Domain Scan URL

URL: https://www.binance.us/crypto-domains
Title: Crypto Domains

Search URL Search Domain Scan URL

URL: https://support.binance.us/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.binance.us/tax
Title: Tax

Search URL Search Domain Scan URL

URL: https://www.binance.us/fees
Title: Fees

Search URL Search Domain Scan URL

URL: https://www.binance.us/trading-rules
Title: Trading Rules

Search URL Search Domain Scan URL

URL: https://www.binance.us/trade-limits
Title: Trade Limits

Search URL Search Domain Scan URL

URL: https://support.binance.us/hc/en-us/articles/360057263734-Digital-Asset-Listing
Title: Listing on Binance.US

Search URL Search Domain Scan URL

URL: https://docs.binance.us/#introduction
Title: API Documentation

Search URL Search Domain Scan URL

URL: https://www.binance.us/status
Title: Status

Search URL Search Domain Scan URL

URL: https://www.binance.us/price
Title: Crypto Prices

Search URL Search Domain Scan URL

URL: https://blog.binance.us/tag/education/
Title: Crypto Education

Search URL Search Domain Scan URL

URL: https://blog.binance.us/crypto-for-beginners/
Title: Crypto For Beginners

Search URL Search Domain Scan URL

URL: https://blog.binance.us/how-does-blockchain-work/
Title: What is a Blockchain?

Search URL Search Domain Scan URL

URL: https://blog.binance.us/what-is-bitcoin/
Title: What is Bitcoin?

Search URL Search Domain Scan URL

URL: https://blog.binance.us/what-is-ethereum/
Title: What is Ethereum?

Search URL Search Domain Scan URL

URL: https://blog.binance.us/crypto-staking/
Title: Crypto Staking Explained

Search URL Search Domain Scan URL

URL: https://blog.binance.us/crypto-tokens/
Title: Crypto Tokens vs. Coins

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BinanceUS/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/binanceus

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/binance-us

Search URL Search Domain Scan URL

URL: https://t.me/Binance_USA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOy0sepBMqnlzdaRr_Tlczw?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.instagram.com/binanceus

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/BinanceUS/

Search URL Search Domain Scan URL

URL: https://discord.gg/amjFE7Grgr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@binance.us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response lock-binance.us/	1 MB 858 KB	255ms 171ms	Document text/html	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `3595d3cb47a8d1f02c99c0c816bba9c8f59df563ba4d4c3016b0299703c7d59e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 8ca3dd781b0a195d-EWR content-encoding br content-type text/html; charset=UTF-8 date Sat, 28 Sep 2024 12:51:28 GMT last-modified Fri, 16 Aug 2024 23:55:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfU1Oipo5c%2F7uPTKOfTTgfTHfPPdKrMyhlqlJwHuvU0%2FaO9re7kNfILz%2F3w3hd8Us%2BOjo1UkSv%2B7MxUGv0pB074sm0i6ORi9FPREkDJTKxzjjrDBHPdO4oPRDFBEuN%2BjsZrXDFqIh%2Bfj5zR9c%2F8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-powered-by Express
GET H3	200	speculation lock-binance.us/cdn-cgi/	128 B 557 B	16ms 15ms	Other application/speculationrules+json	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://lock-binance.us Referer https://lock-binance.us/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TowFVSEbEhS7j%2FAtprFyaS28i0fROqb%2FKAs8GRToGHk4fcxz838kIKZlO6TEgoTkerv5uplH%2Fme%2BxnSgXQs%2FRdqTK7c814K%2FFxX4BTXBv2LYTb%2FGmGzhtYoAjaDRCy6dKeZkrRjiu2mjzMxpteQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd798bf0195d-EWR access-control-allow-origin https://lock-binance.us content-length 128 date Sat, 28 Sep 2024 12:51:28 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ca7b9ddbf0fc40f0e1ef179354bc90981d409a583e1a21721765d3abaf3a5703` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8394dcc893f84c697e88cf2e39b3f46adda9afaab12961a448062b17e6ee8c08` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7c74a920239766a4fbe5f996e178af8c75885b65ff579e977e017491ae4027c6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e194e2510ead8766eff859c6b6c9a7efe64f877559c292d19fffd27c270110ac` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eae6bc29bdaad9b0b9152cadfc31fa1bdcd86a9006bf6be25b3845b09a4a158c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	socket.io.js Show response lock-binance.us/socket.io/	133 KB 31 KB	201ms 201ms	Script application/javascript	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/socket.io/socket.io.js Requested by Host: lock-binance.us URL: https://lock-binance.us/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee97302528e557630c0320776d397990cbe2ec455b46eaa8c49f8710f84a3b75` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://lock-binance.us/ Response headers cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag "4.7.5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IURHAI4QOz3rZIiqMq8l9J%2BLTNYox2vQepob6xdMekLkiKrepH%2FjAu7Brnsbu2ulL1KsZ3oW82yyoHwkiT%2BKRwH7wNlyLwxRJyZOhtnhbdhHYDhm0ft5F0B85hyr0V5oMO5XUpybRycXUiH5jtM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd7d0e95195d-EWR date Sat, 28 Sep 2024 12:51:29 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding server cloudflare
GET H3	200	client.js Show response lock-binance.us/	281 KB 48 KB	184ms 184ms	Script application/javascript	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/client.js Requested by Host: lock-binance.us URL: https://lock-binance.us/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c84993a0a3280a63c83bd9321ef3b8642c19d60e87a6f8bbca98f340810a8677` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://lock-binance.us/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"46418-1920cb16246" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mt8YZlm%2FoJ5iedI3CT9nja5usif8dzSfPuF22htAfdEEcTuM5prixl2Bg0vcaQ9mVghgUjW9c4va%2BOoLJj1awirfiXTMsfvqBTu9EVkgMvt7Y%2Fl5Nvt0HdRl%2FbHmvj2%2Bpq63WxOOWYDNFQPu4IM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd7d2eb5195d-EWR date Sat, 28 Sep 2024 12:51:29 GMT content-type application/javascript; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Thu, 19 Sep 2024 23:50:04 GMT
GET DATA	200 OK	truncated /	43 KB 43 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `edc76335a49135c6e589f3226fbc5391b1eddf09e2a1906df126eb4448bb19ca` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://lock-binance.us Referer Response headers Content-Type font/woff2;charset=utf-8
GET DATA	200 OK	truncated /	46 KB 46 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e1509697903bbe3632c463880e3e55e030c8568cfba63f8fb131faa58919b7e2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://lock-binance.us Referer Response headers Content-Type font/woff2;charset=utf-8
GET DATA	200 OK	truncated /	46 KB 46 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `94859c76422f35136feca12df3ac4fc4bffa2fb98d6e5fff4ebec448f2406da6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://lock-binance.us Referer Response headers Content-Type font/woff2;charset=utf-8
GET DATA	200 OK	truncated /	46 KB 46 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `69e74e82f335f2bc96cd85a19d7bd75de6446b4c4c993c104374b89a1b8cc41a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://lock-binance.us Referer Response headers Content-Type font/woff2;charset=utf-8
GET H3	200	/ Show response lock-binance.us/socket.io/	118 B 502 B	84ms 83ms	XHR text/plain	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/socket.io/?EIO=4&transport=polling&t=P8uhwkB Requested by Host: lock-binance.us URL: https://lock-binance.us/socket.io/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `27e7bc11d5c74134f6355870cd74310902bbbcc6b7aede4bb07d583b65f47f66` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://lock-binance.us/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVK0iJObnjLko2IIJYeuuBGo4MbXjlZCOp3cmAIIz%2FtEDjb7FAoTEbczSRxYJ0gJSboT3RIxKUit8aZqP91fvshxyJybHCkLiyNdr248%2FekwSi4wGQI8JcDsCSopqScFI4nRHGx0zl8VburCqaE%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd7f4872195d-EWR date Sat, 28 Sep 2024 12:51:29 GMT content-type text/plain; charset=UTF-8 server cloudflare
POST H3	200	/ Show response lock-binance.us/socket.io/	2 B 397 B	98ms 89ms	XHR text/html	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/socket.io/?EIO=4&transport=polling&t=P8uhwnF&sid=XDAQ2apnYRsJcfJ5AABi Requested by Host: lock-binance.us URL: https://lock-binance.us/socket.io/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer https://lock-binance.us/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Content-type text/plain;charset=UTF-8 Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtANdHOen5LMbf%2FKaZdCdj6IHQVRTi%2FUfJIZzQ%2B%2BSxCJB6WxmL%2Bi5aPKrGncEwCh8ZVFg7PqXQJFqKrubFWqxxtSwpjWoG1yJpQr4BWYqFjtuWnxE44dGm4g4MvdNMdU2WdWA8eIPwCvtJDIs%2Fs%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd80895c195d-EWR date Sat, 28 Sep 2024 12:51:30 GMT content-type text/html server cloudflare
GET H3	200	/ Show response lock-binance.us/socket.io/	32 B 428 B	147ms 145ms	XHR text/plain	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/socket.io/?EIO=4&transport=polling&t=P8uhwnM&sid=XDAQ2apnYRsJcfJ5AABi Requested by Host: lock-binance.us URL: https://lock-binance.us/socket.io/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6dc90a3ad760b15579845d7e3f8e5cbe78ed753861cecfadfe6520f17f63c4e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://lock-binance.us/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3t6il5FTUfayvLswOBXmpLZBfRKbAmOoxYnYqlQe5T7k9PKK1DvD35XCn76kxWPaIiJuytI3mz7x4sNu7eCsnYb%2Blw1DwrKgxJNpfw6BBdYU8n2BxTi0b%2BARv2te%2FVLJ7btlJ5YQo9avJOaouj4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd809962195d-EWR content-length 32 date Sat, 28 Sep 2024 12:51:30 GMT content-type text/plain; charset=UTF-8 server cloudflare
GET H3	404	favicon.ico lock-binance.us/	1 KB 990 B	169ms 167ms	Other text/html	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `61152dd6e59df2e492f86d3e8b01f25f203cfd04a1457b9e0a6f42246ae4b7cb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://lock-binance.us/ Response headers server cloudflare cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FCdkQyTs7VaEO6CnYOHqLsrm2%2FJIGom3GvLROFSnWQEbg6QDaf3g%2BxmVY7Wzpy9tGcdFpv1FqyI6xW3DEaDWP7033GFKuoA4ErAsjPAF6PKLVRm6yCmOIu1bxQqNY6GpIYUG%2BpZY8oUKqyMgro%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd80d993195d-EWR date Sat, 28 Sep 2024 12:51:30 GMT content-type text/html; charset=UTF-8 x-powered-by Express vary Accept-Encoding last-modified Wed, 17 Jul 2024 20:46:18 GMT
GET H3	200	/ Show response lock-binance.us/socket.io/	1 B 398 B	329ms 327ms	XHR text/plain	2606:4700:3033::6815:4202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lock-binance.us/socket.io/?EIO=4&transport=polling&t=P8uhwpt&sid=XDAQ2apnYRsJcfJ5AABi Requested by Host: lock-binance.us URL: https://lock-binance.us/socket.io/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4202 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://lock-binance.us/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCVK1DUG0xt8zYp%2BRbfqs8ASEaukT6STXT%2BVpqKkoHJ94I18h5OVaAXEF0RbMH3R5HMXl4wEvfjHdACKZZpdL3Z7cOg1WhLjrQHEHaobimMP3aJg%2FSzDjUN4gazRjjlxi5k4HUmk7sgHjSksPN0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ca3dd819a0f195d-EWR content-length 1 date Sat, 28 Sep 2024 12:51:30 GMT content-type text/plain; charset=UTF-8 server cloudflare
GET H2	200	ip Show response httpbin.org/	32 B 188 B	907ms 848ms	Fetch application/json	23.21.73.249 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://httpbin.org/ip Requested by Host: aio-panel URL: webpack://aio-panel/./client/client.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.21.73.249 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-73-249.compute-1.amazonaws.com Software gunicorn/19.9.0 / Resource Hash `d53c107b016adc93228319fb114ecb5f89733e9058e2051fe125d4742199ae14` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://lock-binance.us/ Response headers access-control-allow-origin https://lock-binance.us content-length 32 date Sat, 28 Sep 2024 12:51:31 GMT content-type application/json server gunicorn/19.9.0 access-control-allow-credentials true

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Binance (Crypto Exchange)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://lock-binance.us/(Line 83) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://lock-binance.us/(Line 89) Message: <link rel=preload> has an invalid `href` value
recommendation	verbose	URL: https://lock-binance.us/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://lock-binance.us/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

httpbin.org
lock-binance.us
23.21.73.249
2606:4700:3033::6815:4202
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27e7bc11d5c74134f6355870cd74310902bbbcc6b7aede4bb07d583b65f47f66
3595d3cb47a8d1f02c99c0c816bba9c8f59df563ba4d4c3016b0299703c7d59e
61152dd6e59df2e492f86d3e8b01f25f203cfd04a1457b9e0a6f42246ae4b7cb
69e74e82f335f2bc96cd85a19d7bd75de6446b4c4c993c104374b89a1b8cc41a
7c74a920239766a4fbe5f996e178af8c75885b65ff579e977e017491ae4027c6
8394dcc893f84c697e88cf2e39b3f46adda9afaab12961a448062b17e6ee8c08
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
94859c76422f35136feca12df3ac4fc4bffa2fb98d6e5fff4ebec448f2406da6
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
c84993a0a3280a63c83bd9321ef3b8642c19d60e87a6f8bbca98f340810a8677
ca7b9ddbf0fc40f0e1ef179354bc90981d409a583e1a21721765d3abaf3a5703
d53c107b016adc93228319fb114ecb5f89733e9058e2051fe125d4742199ae14
e1509697903bbe3632c463880e3e55e030c8568cfba63f8fb131faa58919b7e2
e194e2510ead8766eff859c6b6c9a7efe64f877559c292d19fffd27c270110ac
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
eae6bc29bdaad9b0b9152cadfc31fa1bdcd86a9006bf6be25b3845b09a4a158c
edc76335a49135c6e589f3226fbc5391b1eddf09e2a1906df126eb4448bb19ca
ee97302528e557630c0320776d397990cbe2ec455b46eaa8c49f8710f84a3b75
f6dc90a3ad760b15579845d7e3f8e5cbe78ed753861cecfadfe6520f17f63c4e

lock-binance.us Open in urlscan Pro 2606:4700:3033::6815:4202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1122 kBTransfer

2096 kBSize

0 Cookies

47 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

lock-binance.us Open in urlscan Pro
2606:4700:3033::6815:4202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1122 kB
Transfer

2096 kB
Size

0
Cookies

10 HTTP transactions
11 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!