Submitted URL: http://bn-apple-12.in/
Effective URL: https://binancerl.top/
Submission: On April 01 via manual from SG — Scanned from SG

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 12 HTTP transactions. The main IP is 45.207.38.100, located in Mauritius and belongs to SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK. The main domain is binancerl.top.
TLS certificate: Issued by TrustAsia ECC DV TLS CA G2 on March 30th 2023. Valid for: 3 months.
This is the only time binancerl.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Binance (Crypto Exchange)

Domain & IP information

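Requests / Redirects / IP Address / AS (Autonomous System)
  • 2 / 2 / 45.207.39.64 / 133199 (SONDERCLO...)
  • 10 / - / 45.207.38.100 / 133199 (SONDERCLO...)
  • Total: 12 requests, 2 IPs

Requests / Apex Domain / Subdomains / Transfer
  • 8 / binancerl.top / binancerl.top / 565 KB
  • 2 / binancenl.top / binancenl.top / -
  • 2 / bn-apple-12.in / bn-apple-12.in / 350 B
  • Total: 12 requests, 3 domains

Requests / Domain / Requested by
  • 8 / binancerl.top / binancerl.top
  • 2 / binancenl.top / binancerl.top
  • 2 / bn-apple-12.in / 2 redirects
  • Total: 12 requests, 3 domains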

This site contains no links.

Subject / Issuer / Validity / Valid
  • binancerl.top / TrustAsia ECC DV TLS CA G2 / 2023-03-30 - 2023-06-28 / 3 months
  • binancenl.top / TrustAsia ECC DV TLS CA G2 / 2023-03-30 - 2023-06-28 / 3 months

This page contains 1 frame:

Primary Page: https://binancerl.top/
Frame ID: 0BA4ED02845DEC087C896C515CC3192A
Requests: 12 HTTP requests in this frame

Page Title

比特币交易平台 | 数字货币交易平台 | 币安 (English: "Bitcoin Trading Platform | Digital Currency Trading Platform | Binance")

Page URL History

  1. http://bn-apple-12.in/ HTTP 301
    https://bn-apple-12.in/ HTTP 302
    https://binancerl.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

  • Requests: 12
  • HTTPS: 83 %
  • IPv6: 0 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 2
  • Countries: 1
  • Transfer: 588 kB
  • Size: 1834 kB
  • Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
binancerl.top/
Redirect Chain
  • http://bn-apple-12.in/
  • https://bn-apple-12.in/
  • https://binancerl.top/
798 B
951 B
Document
General
Full URL
https://binancerl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
74c6348acf348a485ab3663ba9d8038615d958347e78c35aed5ee9f214cabc99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
content-length
798
content-type
text/html
date
Sat, 01 Apr 2023 07:36:33 GMT
etag
"6425876c-31e"
last-modified
Thu, 30 Mar 2023 12:58:20 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 07:36:36 GMT
location
https://binancerl.top
server
nginx
strict-transport-security
max-age=31536000
chunk-vendors.26056fba.js
binancerl.top/js/
1 MB
449 KB
Script
General
Full URL
https://binancerl.top/js/chunk-vendors.26056fba.js
Requested by
Host: binancerl.top
URL: https://binancerl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
fa55134b624725428bdeabf49c213ef5a5f673f08e3a6ef31925b0bf3e6b8b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
W/"642584a8-1598c9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 01 Apr 2023 19:36:33 GMT
app.e88b689d.js
binancerl.top/js/
40 KB
15 KB
Script
General
Full URL
https://binancerl.top/js/app.e88b689d.js
Requested by
Host: binancerl.top
URL: https://binancerl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
52c573e2f9ed015e0abe3837ea33d53d46a8527de263dbfb9585ccd9e71cb5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
W/"642584a8-9fc6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 01 Apr 2023 19:36:33 GMT
chunk-vendors.38d47f30.css
binancerl.top/css/
368 KB
93 KB
Stylesheet
General
Full URL
https://binancerl.top/css/chunk-vendors.38d47f30.css
Requested by
Host: binancerl.top
URL: https://binancerl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
6c064a9e6bfaf161b94ef310f7fc0c7dc6a69dc0425597a79fdd49330d190c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
W/"642584a8-5bf85"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 01 Apr 2023 19:36:33 GMT
app.553e075d.css
binancerl.top/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://binancerl.top/css/app.553e075d.css
Requested by
Host: binancerl.top
URL: https://binancerl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4ee811616609ff2bd884cb125fc7b98e56388a68078db667b470d7b338c44440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
W/"642584a8-c80"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 01 Apr 2023 19:36:33 GMT
closure
binancenl.top/
0
0
Preflight
General
Full URL
https://binancenl.top/closure
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,tenant-id
Access-Control-Request-Method
POST
Origin
https://binancerl.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,tenant-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-cache
date
Sat, 01 Apr 2023 07:36:37 GMT
server
nginx
vary
Access-Control-Request-Headers
x-powered-by
Express
969.ba1fb034.css
binancerl.top/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://binancerl.top/css/969.ba1fb034.css
Requested by
Host: binancerl.top
URL: https://binancerl.top/js/app.e88b689d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
dc266bce5160a2a43f667cac0dbfa6a6421060817ae3a36fac79471b0aa6e450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:36 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
W/"642584a8-1d2a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 01 Apr 2023 19:36:36 GMT
969.81802307.js
binancerl.top/js/
4 KB
2 KB
Script
General
Full URL
https://binancerl.top/js/969.81802307.js
Requested by
Host: binancerl.top
URL: https://binancerl.top/js/app.e88b689d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0bfcc5c5cd4c4153410510be7aa2a6a52b3839e8db052bc5801b781170b10a69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:36 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
W/"642584a8-1111"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 01 Apr 2023 19:36:36 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83eef421c3682a87d0a7107f6872a1e36222cb1623ade9211b817ee2dfc0059b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
closure
binancenl.top/
0
0

truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c660f9252dfe12a6072fb38088fd444df33cc01094ccf547ce99b32b98e4b0a

Request headers

Referer
Origin
https://binancerl.top
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
cn.29921cb4.svg
binancerl.top/img/
1 KB
2 KB
Image
General
Full URL
https://binancerl.top/img/cn.29921cb4.svg
Requested by
Host: binancerl.top
URL: https://binancerl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
48d8bd9b20fbd70f72d6403fc44ef985d09b134177f1eda2d774c44c4a2c601d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://binancerl.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:36:36 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 30 Mar 2023 12:46:32 GMT
server
nginx
etag
"642584a8-582"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1410
closure
binancenl.top/
0
0

closure
binancenl.top/
0
0
Preflight
General
Full URL
https://binancenl.top/closure
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.207.38.100 , Mauritius, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,tenant-id
Access-Control-Request-Method
POST
Origin
https://binancerl.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,tenant-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
no-cache
date
Sat, 01 Apr 2023 07:36:39 GMT
server
nginx
vary
Access-Control-Request-Headers
x-powered-by
Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  • Domain: binancenl.top, URL: https://binancenl.top/closure
  • Domain: binancenl.top, URL: https://binancenl.top/closure

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Binance (Crypto Exchange)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean: credentialless
  • object: webpackChunkBinance
  • function: clearImmediate
  • function: setImmediate
  • function: _
  • object: core
  • object: __country_flag_files_path_obj
  • number: _vueCountryIntl_count

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000