Suspicious

Phishings targeting Binance

Suspicious and active websites

Phishings targeting Binance

Suspicious and active websites

Active
12
New (7d)
0
Trend (7d)
↓100%
Website
binance.com
About
AICrypto exchange phishing - login or 2FA-bypass pages targeting account drain. Often paired with fake withdrawal alerts.
Hosts
Amazon.com, Inc. (4) · Cloudvalley Sdn. Bhd. (3) · Cloudflare, Inc. (3)
Countries
United StatesUnited States (8) · MalaysiaMalaysia (3) · Hong KongHong Kong (1)
TLS certs
Let's Encrypt (4) · WR1 (3) · WE1 (1)

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-05-30 01:30 2026-05-22 01:01
http://binance-spotify.com.cn
Screenshot of binance-spotify.com.cn OpenPhish Details
2026-05-30 01:30 2026-05-22 01:01
https://binance-guanwang.com.cn
Screenshot of binance-guanwang.com.cn OpenPhish urlscan Details
2026-05-30 01:30 2026-05-20 21:11
https://binancenn.com
Screenshot of binancenn.com urlscan Details
2026-05-30 01:30 2026-05-20 21:10
https://binanceii.com
Screenshot of binanceii.com urlscan Details
2026-05-30 01:30 2026-05-20 21:10
https://binanceaa.com
Screenshot of binanceaa.com urlscan Details
2026-05-30 01:30 2026-05-20 13:01
http://fvw0ah.binanceltd.ltd
Screenshot of fvw0ah.binanceltd.ltd OpenPhish Details
2026-05-30 01:30 2026-05-01 03:28
https://hot-binance.com.cn
Screenshot of hot-binance.com.cn urlscan Details
2026-05-30 01:30 2026-04-13 09:00
https://binance-zh.com
Screenshot of binance-zh.com PhishTank Details
2026-05-30 01:30 2026-04-04 13:03
http://binance-blog.vercel.app
Screenshot of binance-blog.vercel.app OpenPhish urlscan Details
2026-05-30 01:30 2026-04-04 13:02
https://binance-blog.vercel.app/en/blog
Screenshot of binance-blog.vercel.app OpenPhish urlscan Details
2026-05-30 01:30 2026-04-04 10:00
https://binancebooster.com
Screenshot of binancebooster.com PhishTank Details
2026-05-30 01:30 2026-03-27 13:01
https://binance-red-packet.vercel.app
Screenshot of binance-red-packet.vercel.app OpenPhish Details

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

URL Screenshot Details
http://binance-spotify.com.cn
OpenPhish 		Screenshot of binance-spotify.com.cn Details
https://binance-guanwang.com.…
OpenPhish urlscan 		Screenshot of binance-guanwang.com.cn Details
https://binancenn.com
urlscan 		Screenshot of binancenn.com Details
https://binanceii.com
urlscan 		Screenshot of binanceii.com Details
https://binanceaa.com
urlscan 		Screenshot of binanceaa.com Details
http://fvw0ah.binanceltd.ltd
OpenPhish 		Screenshot of fvw0ah.binanceltd.ltd Details
https://hot-binance.com.cn
urlscan 		Screenshot of hot-binance.com.cn Details
https://binance-zh.com
PhishTank 		Screenshot of binance-zh.com Details
http://binance-blog.vercel.app
OpenPhish urlscan 		Screenshot of binance-blog.vercel.app Details
https://binance-blog.vercel.a…
OpenPhish urlscan 		Screenshot of binance-blog.vercel.app Details
https://binancebooster.com
PhishTank 		Screenshot of binancebooster.com Details
https://binance-red-packet.ve…
OpenPhish 		Screenshot of binance-red-packet.vercel.app Details

AIHow to verify a real Binance URL

  • Legitimate Binance URLs always end in binance.com (e.g. www.binance.com, account.binance.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Binance.
  • The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
  • If you got the link from email, SMS, or social media, do not click it. Open binance.com from your browser bookmark or type the domain manually.
  • Real Binance pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.