befy.finance
62.182.83.130
Malicious Activity!
Public Scan
Submission: On December 07 via manual from RS — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 12th 2022. Valid for: 3 months.
This is the only time befy.finance was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 62.182.83.130 | 30860 (YURTEH-AS) |
10 | 1 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | befy.finance | befy.finance | 1 MB |
10 | 1 | | |
Requests | Domain | Requested by |
---|---|---|
10 | befy.finance | befy.finance |
10 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
metamask.zendesk.com |
github.com |
multibit.org |
blockchain.info |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
befy.finance | cPanel, Inc. Certification Authority | 2022-10-12 - 2023-01-10 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://befy.finance/app/MetaMask.html
Frame ID: 897BE880C033383DD6A5A6686CC4CCD5
Requests: 10 HTTP requests in this frame
14 Outgoing links
These are links going to different origins than the main page.
Title: Metamask Support
Title: BIP85 spec
Title: BIP44 spec
Title: Purpose
Title: Coin
Title: Account
Title: External / Internal
Title: BIP32 spec
Title: Bitcoin Core BIP32 implementation
Title: MultiBit HD
Title: blockchain.info
Title: BIP49 spec
Title: BIP141 spec
Title: BIP84 spec
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | MetaMask.html (Primary Request) | befy.finance/app/ | 224 KB | 224 KB | Document | text/html |
GET | H/1.1 | connect.css | befy.finance/app/css/ | 883 KB | 884 KB | Stylesheet | text/css |
GET | H/1.1 | metamask-logo-horizontal.svg | befy.finance/app/img/ | 5 KB | 5 KB | Image | image/svg+xml |
GET | H/1.1 | metamask-fox.svg | befy.finance/app/img/ | 3 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | logo.js | befy.finance/app/js/ | 78 KB | 78 KB | Script | application/javascript |
GET | H/1.1 | jquery-3.6.0.min.js | befy.finance/app/js/ | 87 KB | 88 KB | Script | application/javascript |
GET | H/1.1 | carousel.min.css | befy.finance/app/css/ | 0 | 206 B | Stylesheet | text/css |
GET | H/1.1 | caret-down.svg | befy.finance/app/img/ | 164 B | 377 B | Image | image/svg+xml |
GET | H/1.1 | EuclidCircularB-Regular-WebXL.ttf | befy.finance/app/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | EuclidCircularB-Bold-WebXL.ttf | befy.finance/app/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontentvisibilityautostatechange |
function | $ |
function | jQuery |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.