SUSPICIOUS

Warning signs detected

Infrastructure domain tied to the Polyfill.io supply-chain attack that injected malware and redirected users to scam sites. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Security Review

Is bsclink.cn legit or a scam?

Be careful — we couldn't verify this site.

Do this now:don't sign in or pay until you've confirmed the site is genuine another way.

Infrastructure domain tied to the Polyfill.io supply-chain attack that injected malware and redirected users to scam sites.

Cross-checked against 6 independent sources
bsclink.cnScanned 52m ago
0/100
Trust score
0 = danger · 100 = safe
SUSPICIOUS
Score breakdown
Heuristics 100·MT 15
Screenshot of bsclink.cnSee the live page ↓
Category tags
malwaresupply-chainHow sure we are: High
Positive signals (3)
Antivirus clearNot on major blacklistsClean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
Registration date unknown

Website Preview

Screenshot of bsclink.cn
LIVE RENDER
bsclink.cn

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Intelligence

Advanced threat intelligence
Analysis
High scam likelihoodengineMT · Guardiantrust15/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain bsclink.cn belongs to BaishanCloud, a legitimate Chinese CDN operator. In June 2024 the Polyfill.io service was pointed at a subdomain on this infrastructure after Funnull acquired the project. Scripts served through polyfill.io.bsclink.cn were modified to inject malicious redirects to gambling and adult sites. Security researchers documented the attack affecting more than 100,000 websites that loaded the Polyfill library. The domain itself carries no antivirus detections and shows clean hosting reputation, yet its direct role in the confirmed supply-chain compromise outweighs those clean signals. No legitimate business use explains why a CDN endpoint would serve modified malicious scripts to third-party sites.
Risk Factors
4
  • Domain served as the redirect target in the confirmed Polyfill.io supply-chain attack affecting over 100,000 sites.
  • Modified scripts on polyfill.io.bsclink.cn redirected visitors to gambling and adult scam pages.
  • Linked to Funnull, the company that acquired Polyfill and has been tied to betting and pornography traffic.
  • No contact email or postal address visible on the corporate page.
Positive Signals
3
  • Zero detections across 92 antivirus engines.
  • Hosting IP shows zero abuse reports.
  • Business registration exists and lists the domain as active infrastructure for BaishanCloud.
The full analysis

Page Content

The page presents itself as the marketing site for BaishanCloud (白山云), offering CDN, SASE, and edge-computing services. It lists a Chinese phone number, company links, and standard corporate sections. No login forms, payment fields, or data-harvesting elements appear on the landing page itself.

Infrastructure

The domain resolves to IP 183.61.189.213 with a zero abuse score and no blocklist hits. SSL is unavailable on the root URL. The page loads resources from multiple BaishanCloud and partner domains, consistent with a production CDN marketing site. No sandbox or antivirus engine flagged the current page content.

Domain History

WHOIS data is unavailable. The domain is registered in China and listed as active business infrastructure tied to BaishanCloud and Funnull. It has no recorded age in the scan data.

Web Reputation

Three major security outlets documented the domain's role in the Polyfill.io supply-chain attack. BleepingComputer, Sansec, and SOCRadar each reported that polyfill.io.bsclink.cn served modified scripts that redirected visitors to scam destinations. Over 100,000 websites were impacted. No positive reviews or independent trust ratings were located.

What this means for you

Any site that still loads resources from polyfill.io.bsclink.cn or related subdomains risks serving malicious redirects. Avoid embedding scripts from this domain and migrate away from the compromised Polyfill service immediately.

AI Recommendation
Do not load any scripts or resources from bsclink.cn or its subdomains. Migrate any sites still using the old Polyfill.io library to a trusted alternative immediately.
Scam network detected
2 linked domains correlated

The domain acted as the malicious redirect endpoint in the Polyfill.io supply-chain compromise.

polyfill.iopolyfill.io.bsclink.cn
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for bsclink.cn, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
Active · China
Site traces back to an actively registered business.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
3 scam reports · 100000 complaints
Key findings
6 headline facts from open-web research
  • The domain bsclink.cn is a CNAME infrastructure endpoint for the Chinese CDN provider BaishanCloud (白山云).
  • In June 2024, it was identified as a central component of the Polyfill.io supply chain attack, where polyfill.io was pointed to polyfill.io.bsclink.cn.
  • Security researchers (Sansec, BleepingComputer) found that scripts served through this domain were modified to inject malicious code and redirect users to gambling and adult websites.
  • The attack affected over 100,000 websites that relied on the Polyfill.io library for browser compatibility.
  • The domain is linked to a company called 'Funnull,' which acquired the Polyfill project and has been described by researchers as serving the betting and pornography industries.
  • Major tech companies including Google, Cloudflare, and Fastly issued warnings or set up mirrors to help users migrate away from this infrastructure.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • BleepingComputeropen

    "Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to scam sites."

  • Sansecopen

    "Since then, this domain was caught injecting malware on mobile devices via any site that embeds cdn.polyfill.io... the modified script is primarily used to redirect users to scam sites."

  • SOCRadaropen

    "The Polyfill[.]io service was redirected to polyfill.io.bsclink.cn, which is controlled by Funnull... causing visitors to be redirected to unwanted destinations."

Business registration
Status: active · China

Associated with BaishanCloud (白山云科技) and Funnull.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

BleepingComputer, Sansec, and SOCRadar each published investigations showing that polyfill.io.bsclink.cn was used to inject malicious redirects after Funnull acquired the Polyfill project. The attack affected more than 100,000 websites. No positive reviews or consumer complaints were located in the search results.

Threat Detection

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious59Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not queried
ESET-NOD32
Not queried
Avira
Not queried
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗

Technical Details

The plumbing behind the site — who registered it, how it’s encrypted, where it’s hosted, and where it links out. A valid certificate or a calm server doesn’t mean the business is honest — scam sites pass these checks too. Use this to corroborate the verdict, not to overturn it.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbers400-178-8338
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No postal address visible on the page.
  • Phone number listed (400-178-8338).

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCHINANET Guangdong province network
Usage typeData Center/Web Hosting/Transit

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

What to do

Proceed with caution

Our automated review flagged enough risk that you should treat this site as unverified.

  • Treat bsclink.cn as unverified

    Do not enter credentials or send money until you have independently verified the business.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Final Verdict

0
Trust / 100
Final Verdict·bsclink.cn
SUSPICIOUS

This domain is infrastructure for a Chinese CDN provider that was hijacked in the Polyfill.io supply-chain attack. Over 100,000 sites were affected when scripts served through bsclink.cn redirected visitors to scam and gambling pages.

Do not load any scripts or resources from bsclink.cn or its subdomains. Migrate any sites still using the old Polyfill.io library to a trusted alternative immediately.

AV engines
92
Domain age
Flagged
0
Scan another URL
Security review completemalwaretips.com/url-scan

Safety FAQ

Common questions, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • bsclink.cn looks like a likely scam site — avoid interacting with it. Our review tagged it for malware. It may not be an outright scam, but the risk is high enough that you should verify it independently before trusting it with money or data.
  • Proceed with caution — bsclink.cn scores 46/100 on our trust scale. We found enough warning signals to recommend verifying it through independent channels before entering credentials or money.
  • If you've already paid or handed over details on bsclink.cn, act quickly. 1) Contact your bank or card issuer immediately and ask to dispute the charge or open a chargeback — the sooner you act, the better your odds. 2) Report the site to the U.S. FTC at reportfraud.ftc.gov or the FBI's IC3 at ic3.gov, and in the UK to Action Fraud at actionfraud.police.uk. 3) If you entered a password, change it on bsclink.cn and anywhere you reused it, and turn on two-factor authentication. 4) Watch your bank and email for follow-up fraud, and keep screenshots as evidence.
  • Often yes, if you act fast. Payments made by credit or debit card can frequently be reversed through a chargeback or dispute — contact your bank right away and explain it was a fraudulent site. Bank transfers and gift-card or voucher payments are much harder to recover, but you should still report them to your bank and to the FTC (reportfraud.ftc.gov) or Action Fraud (actionfraud.police.uk). Avoid any "refund" or "recovery" service that contacts you first — it's usually a follow-up scam.
  • Just viewing a scam page is usually low-risk on an up-to-date browser — the real danger is what it asks you to DO (enter details, download a file, send money). If you downloaded anything, run a full antivirus scan and treat the file as untrusted. If you entered a password or card number, change the password everywhere you reused it and contact your bank.
  • You can report bsclink.cn through several official channels: the U.S. FTC at reportfraud.ftc.gov, the FBI's Internet Crime Complaint Center (IC3) at ic3.gov, and — in the UK — Action Fraud at actionfraud.police.uk. You can also flag it to Google Safe Browsing (safebrowsing.google.com/safebrowsing/report_phish) so other browsers warn about it, and report it to the company being impersonated if there is one. Reporting helps get scam sites taken down faster.
  • Modern scams are built to look convincing. A valid SSL padlock, a polished template, stock photos, fake reviews, and a trust badge can all be added in minutes and prove nothing about who runs the site. Scammers buy cheap domains, clone real designs, and copy legal pages wholesale. That's exactly why an automated review that checks the domain's age, hosting, blacklists, and behaviour — rather than just how the page looks — is more reliable than a first impression.
  • No — all 92 antivirus and blocklist engines in our malware network currently report bsclink.cn as clean. That's a good sign, though antivirus coverage is only one of the many signals we weigh, and brand-new scam sites can appear clean before vendors catch up.
  • No — bsclink.cn is not currently on the major browser blocklist feeds that Chrome, Safari, Firefox, and Edge rely on. Note that blocklists can lag behind brand-new scam domains, so "not listed" is reassuring but not a guarantee on its own.
  • bsclink.cn resolves to an IP operated by CHINANET Guangdong province network in CN (Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad — but hosting that doesn't match a brand's claimed country, or that sits on networks known for abuse, is one of the many signals we weigh alongside the verdict above.
  • Yes — bsclink.cn ranks in the global top 100,000 most-visited sites, which means it has substantial real-world traffic. Genuine popularity doesn't automatically make a site safe, but throwaway scam domains almost never reach this level of traffic, so it's a meaningful point in the site's favour.
  • This report is a record of the scan run on July 13, 2026, and the verdict reflects that point in time. Scam sites change fast — they can go live, get flagged, or vanish within days — so if you believe something about bsclink.cn has changed, MalwareTips staff can run a fresh scan that re-checks every signal from scratch and republishes an updated verdict.
Recently scanned

Other Suspicious reports

Browse all reports
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.