# binance-crypto.cx — MALICIOUS

> binance-crypto.cx is a high-risk Binance impersonation site now offline. Avoid interaction and verify official sources for crypto services.

## Summary
PhishDestroy identifies binance-crypto.cx as a high-risk domain impersonating the well-known cryptocurrency exchange Binance. Classified under brand impersonation, this domain attempts to deceive users by mimicking Binance’s branding, likely to facilitate fraud or credential theft. Its creation date of February 21, 2026, indicates a recent attempt to exploit Binance’s reputation.

Technical analysis reveals that binance-crypto.cx was registered through CentralNic Ltd and resolves to the IP address 172.67.221.121. The domain has been flagged on three different security blocklists, signaling established recognition of its malicious intent within security communities. VirusTotal analysis shows that 15 out of 95 security vendors flagged this domain, reinforcing its classification as a threat. Despite these indicators, the domain currently returns a "404 Not Found" page, which may suggest it was taken down following detection.

At present, binance-crypto.cx is offline and no longer serving content, reflecting an effective response to its malicious use. Users are strongly advised to avoid visiting this domain and to rely exclusively on official Binance channels for cryptocurrency transactions. Continuous monitoring of such impersonation attempts is essential to protect users from phishing and fraud schemes. PhishDestroy recommends vigilance and verification when engaging with crypto-related websites to prevent compromise.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Target brand: Binance
- Page title: 404 Not Found

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: CentralNic Ltd
- Country: GB
- IP: 172.67.221.121
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["kevin.ns.cloudflare.com", "amy.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "ESET", "Emsisoft", "Fortinet", "G-Data", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bf546-f41e-700d-a702-3942fd00b85f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/3e1ddced-d876-48af-bd63-5f68d92f1efe
- PhishDestroy: https://phishdestroy.io/domain/binance-crypto.cx/
- LLM endpoint: https://phishdestroy.io/domain/binance-crypto.cx/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/binance-crypto.cx/
Last updated: 2026-03-19