allowance.beefy.finance
Open in
urlscan Pro
2400:52e0:1e00::1080:1
Malicious Activity!
Public Scan
Submission: On August 24 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on July 28th 2023. Valid for: 3 months.
This is the only time allowance.beefy.finance was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2400:52e0:1e0... 2400:52e0:1e00::1080:1 | 200325 (BUNNYCDN) (BUNNYCDN) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
3 | 2606:4700::68... 2606:4700::6810:7baf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a02:26f0:350... 2a02:26f0:3500:16::215:148f | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:1495 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
14 | 6 |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
beefy.finance
allowance.beefy.finance |
575 KB |
4 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 485 p.typekit.net — Cisco Umbrella Rank: 610 |
68 KB |
3 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 886 |
839 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 736 |
24 KB |
14 | 4 |
Domain | Requested by | |
---|---|---|
6 | allowance.beefy.finance |
allowance.beefy.finance
code.jquery.com |
3 | use.typekit.net |
allowance.beefy.finance
use.typekit.net |
3 | unpkg.com |
allowance.beefy.finance
|
1 | p.typekit.net |
use.typekit.net
|
1 | code.jquery.com |
allowance.beefy.finance
|
14 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
beefy.finance |
discord.gg |
Subject Issuer | Validity | Valid | |
---|---|---|---|
allowance.beefy.finance R3 |
2023-07-28 - 2023-10-26 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://allowance.beefy.finance/
Frame ID: 423ECDE74DF1E3EDC9A9841C18012E91
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
BSC AllowanceDetected technologies
Typekit (Font Scripts) ExpandDetected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: beefy.finance
Search URL Search Domain Scan URL
Title: Join the cowmunity!
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
allowance.beefy.finance/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
minireset.min.css
allowance.beefy.finance/css/ |
541 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
allowance.beefy.finance/css/ |
4 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.slim.min.js
code.jquery.com/ |
71 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beefy.svg
allowance.beefy.finance/img/ |
27 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web3.min.js
unpkg.com/web3@1.2.11/dist/ |
1 MB 294 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
unpkg.com/web3modal@1.9.0/dist/ |
418 KB 190 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.min.js
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/ |
1 MB 354 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
allowance.beefy.finance/js/ |
2 MB 544 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avo8ruz.css
use.typekit.net/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 172 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ |
34 KB 34 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beefy.svg
allowance.beefy.finance/img/ |
27 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| WalletConnectProvider function| updateWeb3Modal0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
allowance.beefy.finance
code.jquery.com
p.typekit.net
unpkg.com
use.typekit.net
2001:4de0:ac18::1:a:1b
2400:52e0:1e00::1080:1
2606:4700::6810:7baf
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1eb20ac766b6a3fb5917932a9d7f1123ad106174c4e86af9ef14541a8813017c
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541
48d0ba8e4101cb299768bdc3d5af05806c5d05ac62802a01fd70c041290e6591
4ab3c7b4a8d555f87b2b10d12889b604bc967eac0c13e7df9d203196954b1476
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
6f855eda6f806ede61eeb78bb4726efaf1c8a6d5b471a2881778cab057f73b03
7fb744322eb539e3133e46e7315b066683c4257f020ca68a4ff1ecda5d98be89
8a1d2d173f315571d5bcd90c61e2b5279a027e952d8bf4fa693b5f4e86f08b08
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db