p54zyo.ljminingbnb.com
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of p54zyo.ljminingbnb.com
The domain p54zyo.ljminingbnb.com appears to host a cryptocurrency-themed web page that visually presents itself as a Binance-branded investment or trading platform. Based on the screenshot, the site includes sections such as recharge, withdraw, app, company profile, invite friends, and VIP unlocking tiers, along with promotional Binance imagery. The structure and wording suggest it may be attempting to attract users into depositing funds or participating in a staged investment workflow.
The domain itself does not appear to be an official Binance domain. Instead, it is a subdomain under ljminingbnb.com, with a random-looking prefix, which may indicate disposable or campaign-specific infrastructure. Based on the branding shown and the page layout, the site appears to be operated by an unknown party rather than by the legitimate cryptocurrency exchange it references.
Safety Assessment for p54zyo.ljminingbnb.com
This website shows multiple risk indicators at the time of this scan. It was flagged by 15 out of 91 security engines, with many of those detections classifying it as phishing or malicious. The screenshot also shows prominent Binance branding on a domain that does not appear to belong to Binance, which may indicate a look-alike or impersonation attempt designed to gain user trust. The very low trust score provided with the scan is consistent with that pattern.
Additional context increases concern. The domain is relatively new, not ranked in major popularity lists, and uses a random-looking subdomain structure that may be associated with short-lived campaigns. Although blacklist databases were largely clean at the time of this scan, that does not outweigh the multi-engine phishing consensus and the apparent brand imitation visible on the page. A separate malware scan only reported a generic suspicious object tied to an external script, which on its own would be low confidence, but here it sits alongside stronger phishing signals.
Based on these findings, this website may pose potential risks to visitors, especially anyone asked to log in, connect a wallet, send cryptocurrency, or provide personal information.
Technical Description
The site was served over HTTPS with a valid Let's Encrypt certificate expiring in August 2026. It appears to be proxied through Cloudflare infrastructure, with the observed server IP resolving to Cloudflare and nameservers also set to Cloudflare. DNSSEC was not enabled at the time of this scan, which is not uncommon but does mean DNS responses do not benefit from that additional integrity layer.
From an infrastructure perspective, the setup looks lightweight and easy to deploy quickly: a young domain, Cloudflare fronting, and a simple asset-based web application. The scan also noted a flagged external script reference and Telegram-related resources, which may be benign in some contexts but can also appear in fast-moving promotional or fraud-oriented campaigns. No severe TLS misconfiguration was provided in the scan data, but the broader hosting and domain profile may warrant caution.
Share your experience with this website. Was it safe? Did you encounter any issues?