www.binancezh.sh
Open in
urlscan Pro
170.33.8.8
Malicious Activity!
Public Scan
Effective URL: https://www.binancezh.sh/zh-CN
Submission: On June 22 via manual from IL
Summary
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on May 10th 2021. Valid for: a year.
This is the only time www.binancezh.sh was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Binance (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 170.33.8.8 170.33.8.8 | 134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited) | |
18 | 101.33.11.45 101.33.11.45 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c04::9a | 15169 (GOOGLE) (GOOGLE) | |
24 | 6 |
ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG)
binancezh.sh | |
www.binancezh.sh |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
static-file-1259603563.file.myqcloud.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
myqcloud.com
static-file-1259603563.file.myqcloud.com |
729 KB |
3 |
binancezh.sh
2 redirects
binancezh.sh www.binancezh.sh |
47 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
86 B |
1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
0 |
binance.gg
Failed
report.binance.gg Failed |
|
24 | 6 |
Domain | Requested by | |
---|---|---|
18 | static-file-1259603563.file.myqcloud.com |
www.binancezh.sh
static-file-1259603563.file.myqcloud.com |
2 | www.google-analytics.com |
www.binancezh.sh
www.google-analytics.com |
2 | binancezh.sh | 2 redirects |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | www.googletagmanager.com |
www.binancezh.sh
|
1 | www.binancezh.sh | |
0 | report.binance.gg Failed |
static-file-1259603563.file.myqcloud.com
|
24 | 7 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.binancezh.sh RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-05-10 - 2022-05-10 |
a year | crt.sh |
*.cdn.myqcloud.com TrustAsia TLS RSA CA |
2020-11-18 - 2021-11-17 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.binancezh.sh/zh-CN
Frame ID: 1F52652BA4F382B85B8B9C0CA0AA1BDB
Requests: 25 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://binancezh.sh/
HTTP 301
https://binancezh.sh/ HTTP 301
https://www.binancezh.sh/zh-CN Page URL
Detected technologies
Tengine (Web Servers) ExpandDetected patterns
- headers server /Tengine/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title: Academy区块链及数字资产学习平台
Search URL Search Domain Scan URL
Title: Charity慈善卡
Search URL Search Domain Scan URL
Title: Cloud一站式交易所解决方案
Search URL Search Domain Scan URL
Title: DEX安全高效的去中心化数字资产交易平台
Search URL Search Domain Scan URL
Title: Labs顶尖区块链项目孵化器
Search URL Search Domain Scan URL
Title: Launchpad
Search URL Search Domain Scan URL
Title: Research机构级分析和报告
Search URL Search Domain Scan URL
Title: Trust Wallet币安官方数字货币钱包
Search URL Search Domain Scan URL
Title: 买币
Search URL Search Domain Scan URL
Title: 买币快速转账并支持100多种支付方式
Search URL Search Domain Scan URL
Title: 欧式期权New欧式T型报价期权,自由做多做空
Search URL Search Domain Scan URL
Title: 币安矿池服务矿工群体,提高挖矿收益
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: App Store
Search URL Search Domain Scan URL
Title: Android APK
Search URL Search Domain Scan URL
Title: Google Play
Search URL Search Domain Scan URL
Title: MacOS
Search URL Search Domain Scan URL
Title: Windows
Search URL Search Domain Scan URL
Title: API
Search URL Search Domain Scan URL
Title: 0手续费买卖数字货币使用多种支付方式交易数字货币,0手续费,安全快捷
Search URL Search Domain Scan URL
Title: 可信赖的安全保障我们复杂的安全措施和SAFU基金保护您的数字资产免受所有风险。
Search URL Search Domain Scan URL
Title: 立即注册
Search URL Search Domain Scan URL
Title: 学院
Search URL Search Domain Scan URL
Title: 法币合作申请
Search URL Search Domain Scan URL
Title: API文档
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://binancezh.sh/
HTTP 301
https://binancezh.sh/ HTTP 301
https://www.binancezh.sh/zh-CN Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
zh-CN
www.binancezh.sh/ Redirect Chain
|
222 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-9d87.66b6ce47.js
static-file-1259603563.file.myqcloud.com/static/chunks/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.min.css
static-file-1259603563.file.myqcloud.com/static/fonts/ |
1 KB 884 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font.min.css
static-file-1259603563.file.myqcloud.com/static/fonts/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 86 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BinancePlex-Regular.woff2
static-file-1259603563.file.myqcloud.com/static/fonts/bp/ |
43 KB 44 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BinancePlex-Medium.woff2
static-file-1259603563.file.myqcloud.com/static/fonts/bp/ |
46 KB 47 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BinancePlex-SemiBold.woff2
static-file-1259603563.file.myqcloud.com/static/fonts/bp/ |
46 KB 47 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Cnhero.png
static-file-1259603563.file.myqcloud.com/static/juliaimg/cn/ |
70 KB 71 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react.production.16.13.0.js
static-file-1259603563.file.myqcloud.com/static/runtime/react/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react-dom.production.16.13.0.js
static-file-1259603563.file.myqcloud.com/static/runtime/react-dom/ |
116 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-617951dbc4f6c0b20931.js
static-file-1259603563.file.myqcloud.com/static/runtime/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
framework.c51ba333.js
static-file-1259603563.file.myqcloud.com/static/chunks/ |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons.b6c1d740.js
static-file-1259603563.file.myqcloud.com/static/chunks/ |
115 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sentry-05b0073eb33af9cc23ed.js
static-file-1259603563.file.myqcloud.com/static/runtime/ |
157 B 798 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-012636f1aa17696aa91d.js
static-file-1259603563.file.myqcloud.com/static/runtime/ |
2 MB 366 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
desktop-trade.png
static-file-1259603563.file.myqcloud.com/static/images/download/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-trade.png
static-file-1259603563.file.myqcloud.com/static/images/download/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile-fiat.png
static-file-1259603563.file.myqcloud.com/static/images/download/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
static-file-1259603563.file.myqcloud.com/static/images/common/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
report.binance.gg/api/10/envelope/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- report.binance.gg
- URL
- https://report.binance.gg/api/10/envelope/?sentry_key=9b82019213a143f3b791bb2c32ec34a5&sentry_version=7
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Binance (Crypto Exchange)33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| search undefined| regexp undefined| params function| ga string| gaFilterExp object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| React object| ReactDOM string| __shuvi_ssr_public_path__ object| webpackChunktemplate_ui object| __SENTRY__ object| Sentry object| Integrations object| regeneratorRuntime object| Base64 function| BridgeReceiveEvent1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.binancezh.sh/ | Name: bnc-uuid Value: 537c9da1-c817-4f3a-97ea-b5053d835a57 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=86400 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
binancezh.sh
report.binance.gg
static-file-1259603563.file.myqcloud.com
stats.g.doubleclick.net
www.binancezh.sh
www.google-analytics.com
www.googletagmanager.com
report.binance.gg
101.33.11.45
170.33.8.8
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c04::9a
0355e25d19c7f3ff3014ca0fe1617192b9864df5ae7f548d25bcab6f89926371
12cd3d5875d71612e9704299c369c42f2c174cd8c1456df803b3590fc0b4901b
24ad70333bc39b3872b8b2144ffd929faac8bcb7591de661bb3af58ed2ad660b
33d16c2f8821ed2c9ff7ce917514ce8cabba89c59471b6db86d87180f067803c
551ff1dbd0df95853706e675f7627394eb5613cc51f68683258567ecba12a996
5de13a8123aca52bbeee3a19ed0ba2b04c7ef1d19f6aa56171393d5d979aa2fd
5e6bdf2baa72b88b8fa8dcd6eeea15abf339ba63d6cab390b52fc9e654bb2d58
5f500ce1d40ca132a81d3d07518fbed1772714c8247ffa0183af7f51ddd56d18
68ba4f20835dc137e9ea32413e580f8a344c04b659380431deb724bc8c88183c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3438d9a73710dd06a8ae34a42f601a2fd88b1bcac99db8a8c3fff478865bbc
739f5b8afb10a2c9c8bf79ad1f79752745ddf3b336acc8f717ac167aea7b76db
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7619529d2ecdd660ad9d274119649bd2bdae601dac4420690e65cdaaef83eeb5
83eef421c3682a87d0a7107f6872a1e36222cb1623ade9211b817ee2dfc0059b
8ab1a947847f96ebcf3dbe48f804e3ef01e99642a138f9a17e7235686e287a08
8bd2b7507596acff2f3ac770ad37c293c7d630d84a41183ce35f1d5b56136a47
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b994bb4a3c61adbcf3a3963039fa04ac88faaae59a1bda141dc38a56914cf05f
c473f566e66f41cd1b7fd39e504a1f7622d3ccb3e852e59abc79a6dd43d98961
d7ddd66cc1f151e0bd536e68b9af3caaa4487b62117f9cad3d7695136daed228
df61a6c39ac10d7c8c8e0ffbdc5829ba4a1365d32bc6e616eed8fc69d6cdf33e
f5404c4fb01e7bc1bb7464fb7562a2c0bebdbdceb0459e21dc20eb62f39b88e8
f5cfc4cf6fb959ac92efb70a869c489b5d79ca4eb5f31764a1674d6b74417165