Report - openseanft-io.firebaseapp.com/

Report Overview

Visited public
2025-06-23 10:46:24
Tags
Submit Tags
URL
openseanft-io.firebaseapp.com/
Finishing URL
openseanft-io.firebaseapp.com/
IP / ASN
199.36.158.100
#54113 FASTLY
Title
OpenSea, the largest NFT marketplace

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-18	468 B	5.6 kB	142.250.178.74
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-18	904 B	799 kB	104.17.24.14
opensea.io	12429	2017-12-27	2018-03-19	2025-06-17	455 B	6.0 kB	104.18.33.97
openseanft-io.firebaseapp.com	unknown	2012-10-15	2025-05-02	2025-06-22	6.0 kB	11 MB	199.36.158.100
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-18	1.1 kB	98 kB	142.250.74.35
binance.nodereal.io	unknown	2021-07-19	2022-10-20	2025-06-20	1.0 kB	6.0 kB	52.208.54.196

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-06-23 10:46:03	low	Client IP	52.208.54.196	ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)
2025-06-23 10:46:03	low	Client IP	18.202.202.180	ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet
2025-06-21	medium	openseanft-io.firebaseapp.com/	Crypto/Wallet

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed
2025-06-23	medium	openseanft-io.firebaseapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	openseanft-io.firebaseapp.com/	ScriptElement	110 B	2024-02-05	2025-06-26
Pretty URL openseanft-io.firebaseapp.com/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-05 02:44 Last Seen2025-06-26 09:38 Times Seen42 Hash a54f13d94a79f2ceefcd5162bf304ad3 f2029764a5034495d65329ed4ab9478cd7a77464 2554a10783c42665cf9ce072167b3015bfc02837e1323459557bfe72a949a56a Loading...

	openseanft-io.firebaseapp.com/	Function	37 B	2023-04-11	2025-06-28
Pretty URL openseanft-io.firebaseapp.com/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-28 04:29 Times Seen282845 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	openseanft-io.firebaseapp.com/	Function	79 B	2023-04-11	2025-06-28
Pretty URL openseanft-io.firebaseapp.com/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-06-28 04:23 Times Seen116337 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js	ScriptElement	61 kB	2023-11-02	2025-06-28
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 21:20 Last Seen2025-06-28 00:27 Times Seen2042 Hash d9c6de0df2bf028d93924aff92487904 6596050516dd12af52d9b0e7b18ed837f1d81300 769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc Loading...

	openseanft-io.firebaseapp.com/d809008a-f25a-49a5-99d2-f310846372f9.js	ScriptElement	3.4 MB	2025-05-01	2025-06-26
Pretty URL openseanft-io.firebaseapp.com/d809008a-f25a-49a5-99d2-f310846372f9.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-01 12:30 Last Seen2025-06-26 09:38 Times Seen8 Hash c012b7fa3d6276cf777ee059d8b2e6e1 1cae16121778f349f073f369e330033be100de3e 931258aac0b3b3cb81360573ae25709ce2888a6235295a3776a724fc37b70917 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2b630195ede426708afe142f41e028ea	6.7 kB	2024-02-26 11:38	2025-06-26 09:38
Pretty Observations First Seen2024-02-26 11:38 Last Seen2025-06-26 09:38 Times Seen25 Hash 2b630195ede426708afe142f41e028ea 23696957569c00f8ee0f8c530f6b4238e9c46b7c f1bd9a8137c58929e0ca73ab9ecb7f5ee097eb0dd93763282c31016fc165f08c Loading...

HTTP Transactions (21)

URL IP Response Size

GET opensea.io/static/images/favicon/favicon.ico

104.18.33.97

404 Not Found

0 B

URL GET
opensea.io/static/images/favicon/favicon.ico
IP
104.18.33.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerLet's Encrypt
Subjectopensea.io
Fingerprint94:87:C5:7B:8F:9B:E7:F7:8D:85:16:A2:12:5F:24:46:49:D8:11:0B
ValidityThu, 22 May 2025 07:30:16 GMT - Wed, 20 Aug 2025 07:30:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/images/favicon/favicon.ico HTTP/1.1
Host: opensea.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Mon, 23 Jun 2025 10:46:03 GMT
content-type: text/html; charset=utf-8
cf-ray: 9543663e4893712f-OSL
cf-cache-status: EXPIRED
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
link: </_next/static/media/3582f3c0309ef02d-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/6bd06640219841f6-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/d2f736b85ce1753d-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/ec10966dde464df8-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/f1c33117647e1241-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding
cf-placement: local-OSL
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://os2-fqbf8.quill.run https://widget.intercom.io/widget/rws4jyr5 https://js.intercomcdn.com https://static.moonpay.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' data: wss://os2-wss.prod.privatesea.io https://gql.opensea.io https://features.opensea.io https://*.mux.com dd2.openseaprorelayproxy.com atd2.openseaprorelayproxy.com https://api.amplitude.com https://api2.amplitude.com https://o406206.ingest.sentry.io https://www.googletagmanager.com https://www.google-analytics.com https://region1.google-analytics.com/ https://os2-fqbf8.quill.run https://api.mainnet.abs.xyz https://arb1.arbitrum.io/rpc https://nova.arbitrum.io/rpc https://eth.merkle.io https://api.avax.network/ext/bc/C/rpc https://api.avax-test.network/ext/bc/C/rpc https://rpc.blast.io https://56.rpc.thirdweb.com https://mainnet.evm.nodes.onflow.org https://public-en-cypress.klaytn.net https://polygon-rpc.com https://rpc-amoy.polygon.technology https://mainnet.base.org https://sepolia.base.org https://sepolia.drpc.org https://rpc.zora.energy https://evm-rpc.sei-apis.com/ https://rpc.berachain.com https://api.roninchain.com/rpc https://rpc.soneium.org https://mainnet.shape.network https://mainnet.unichain.org/ https://mainnet-rpc.b3.fun/http https://cloudflare-eth.com https://mainnet.infura.io https://*.llamarpc.com https://eth-mainnet.alchemyapi.io https://*.g.alchemy.com https://*.quiknode.pro https://thrumming-blue-uranium.solana-mainnet.quiknode.pro wss://thrumming-blue-uranium.solana-mainnet.quiknode.pro https://rpc.gunzchain.io https://swr.xnftdata.com/rpc-proxy/ https://wallets.opensea.io/ https://dev-wallets.opensea.io/ https://www.walletlink.org wss://www.walletlink.org https://verify.walletconnect.com https://verify.walletconnect.org https://pulse.walletconnect.org wss://relay.walletconnect.org wss://relay.walletconnect.com https://explorer-api.walletconnect.com https://metamask-sdk.api.cx.metamask.io wss://metamask-sdk.api.cx.metamask.io https://chain-proxy.wallet.coinbase.com https://*.intercom.io https://*.intercomcdn.com https://*.intercomassets.com wss://*.intercom.io https://opensea-prod-mainnet-temp-userdata.s3.amazonaws.com https://prod-mainnet-temp-uploads.s3.us-east-1.amazonaws.com/ https://api.moonpay.com https://moonpay.com https://auth.privy.io https://vitals.vercel-insights.com; img-src 'self' blob: data: https://opensea.io https://static.opensea.io https://*.featurebase-attachments.com https://fb-usercontent.fra1.cdn.digitaloceanspaces.com https://static.seadn.io https://i2.seadn.io https://i2c.seadn.io https://raw.seadn.io https://i.seadn.io https://lh3.googleusercontent.com https://openseauserdata.com https://raw2.seadn.io https://explorer-api.walletconnect.com https://image.mux.com https://stream.mux.com https://*.canarytokens.org/ https://canarytokens.org/ https://*.intercomcdn.com https://*.intercomassets.com https://assets.snagsolutions.io https://cdnjs.cloudflare.com/ajax/libs/twemoji/; media-src 'self' blob: data: https://raw.seadn.io https://raw2.seadn.io https://static.seadn.io https://i2.seadn.io https://i2c.seadn.io https://image.mux.com https://stream.mux.com; font-src 'self' https://fonts.gstatic.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https://wallets.opensea.io/ https://dev-wallets.opensea.io/ https://privy.wallets.opensea.io; frame-src 'self' https://verify.walletconnect.com https://verify.walletconnect.org https://wallets.opensea.io/ https://dev-wallets.opensea.io/ https://privy.wallets.opensea.io https://auth.privy.io https://*.moonpay.com https://i2.seadn.io https://i2c.seadn.io https://openseauserdata.com https:; block-all-mixed-content; upgrade-insecure-requests;
cross-origin-opener-policy: unsafe-none
referrer-policy: strict-origin
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: DENY
x-matched-path: /[locale]/[currency]/[persona]/[...catchAll]
x-permitted-cross-domain-policies: none
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-id: iad1::iad1::9fd7l-1750675563352-43d5258ae9a3
x-vercel-ip-as-number: 13335
x-vercel-ip-city: Ashburn
x-vercel-ip-continent: NA
x-vercel-ip-country: US
x-vercel-ip-country-region: VA
x-vercel-ip-latitude: 39.0469
x-vercel-ip-longitude: -77.4903
x-vercel-ip-postal-code: 20149
x-vercel-ip-timezone: America/New_York
x-xss-protection: 1; mode=block
set-cookie: __cf_bm=.FAfWMzaNwaQ2RhX8mLmkntSUwIvPWoGUoYqKIZql_I-1750675563-1.0.1.1-ABf5gibKCl4xVXiemsDEnjr0KPjLxBjUGMsb3g9C93DJnMv_OaWwn_neOeag9GY7pRbQc9uy8Ai762KHM2MXA_apTb0JCnUgg1W53oY8htw; path=/; expires=Mon, 23-Jun-25 11:16:03 GMT; domain=.opensea.io; HttpOnly; Secure; SameSite=None
_cfuvid=YzdqPnemooCbVlPJLyQOPYJridarILd8WUvVfZAew7I-1750675563599-0.0.1.1-604800000; path=/; domain=.opensea.io; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET openseanft-io.firebaseapp.com/d809008a-f25a-49a5-99d2-f310846372f9.js

199.36.158.100

200 OK

3.4 MB

URL GET
openseanft-io.firebaseapp.com/d809008a-f25a-49a5-99d2-f310846372f9.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
JavaScript source, ASCII text, with very long lines (49847)
Size
3.4 MB (3418842 bytes)
Hash
c012b7fa3d6276cf777ee059d8b2e6e1
1cae16121778f349f073f369e330033be100de3e
931258aac0b3b3cb81360573ae25709ce2888a6235295a3776a724fc37b70917

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /d809008a-f25a-49a5-99d2-f310846372f9.js HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 1055564
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "9c7ae9fea7fecbe0f16a2237f61c157a57618f386d2a1c75afa2e88d7363be8e-br"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:00 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675561.625104,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/modal.css

199.36.158.100

200 OK

3.9 MB

URL GET
openseanft-io.firebaseapp.com/modal.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
3.9 MB (3917653 bytes)
Hash
e28ca511f3f7941fd5440410b0610e70
d813ac0ed22a04af8b9f697ea4bdf85eb269b01e
1a5c72255666ab7ad334e0076faf36bd52c95b017c421dce82253b8070ce195a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal.css HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 2875772
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "9fb7401c0f3020f77504e75ea1ecb8e69ca13d3065a60e8b61d0f30d5d8e7269-br"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:00 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675561.628922,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48256, version 1.0
Size
48 kB (48256 bytes)
Hash
260c81a4759baf163c025001c4f27872
f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298
3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://openseanft-io.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:48:32 GMT
expires: Fri, 19 Jun 2026 10:48:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
age: 345450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET openseanft-io.firebaseapp.com/modal/opensea.webp

199.36.158.100

200 OK

207 kB

URL GET
openseanft-io.firebaseapp.com/modal/opensea.webp
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
207 kB (206752 bytes)
Hash
38d258dbe57c7933108f3f4049e90f77
71ba87ecd3507a4f7e2a0f25a9f484403190696e
55ef30785ddc262a8dfe558a2287d4ad50ef2e3f3a3d8bafc365f9ebe1dcdd06

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal/opensea.webp HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 206752
cache-control: max-age=3600
content-type: image/webp
etag: "e64e4a2c9c0a740879c533bd0f877d86988a57e5382b0f4874e01564b60db492"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675562.288751,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/modal/logo_open.svg

199.36.158.100

200 OK

1.6 kB

URL GET
openseanft-io.firebaseapp.com/modal/logo_open.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1586 bytes)
Hash
5379945cf2a21823bd7db8f3bf4f1674
21c8c31cecab17d02038dc3b2a9ed7d6806053a1
1f0d39320744abaa183ec26566e786c8e49de10aba45f51d0657f9cc9f8519b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal/logo_open.svg HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 772
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "e78f90ca3bfce2eb433e2467d3abf23da9b67087b9d1fac7ca49c012ba06bfd1-br"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 10
x-timer: S1750675562.290283,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

OPTIONS binance.nodereal.io/

52.208.54.196

204 No Content

0 B

URL OPTIONS
binance.nodereal.io/
IP
52.208.54.196:443
ASN
#16509 AMAZON-02

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerAmazon
Subject*.nodereal.io
FingerprintC6:91:90:0D:EE:3C:8C:8F:95:A6:0A:58:6A:D8:9E:F9:06:B3:FD:A5
ValiditySun, 15 Dec 2024 00:00:00 GMT - Wed, 14 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: binance.nodereal.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://openseanft-io.firebaseapp.com/
Origin: https://openseanft-io.firebaseapp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Mon, 23 Jun 2025 10:46:03 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

GET openseanft-io.firebaseapp.com/assets/background-wallet.png

199.36.158.100

200 OK

96 kB

URL GET
openseanft-io.firebaseapp.com/assets/background-wallet.png
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
PNG image data, 420 x 160, 8-bit/color RGBA, non-interlaced
Size
96 kB (95867 bytes)
Hash
dd31fe05c0df9d82b020766cd3c93c91
19deafe8799e0f759d9e62dccdc32ce0a1613347
1205449b2ebb81af3d165dad87cf46271a2fba4e0bc1de5f5735111372891d87

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/background-wallet.png HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 95867
cache-control: max-age=3600
content-type: image/png
etag: "113bca12be9ca556d7e60bc23b399ac09bb13e33be62c41b97600f12ca7fa6a9"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:00 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675561.635489,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

142.250.178.74

200 OK

4.9 kB

URL GET
fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
ASCII text
Size
4.9 kB (4942 bytes)
Hash
3fa5a4d13106a2087f9550d9457ecdd7
5c581d18df16c5ac6e2506364bbbe7396dce63f4
5f7386431a29a0c6f921183ccec9f4c03cd10f57e8f5ada4d3fa412aacb3bc31

HTTP Headers

GET /css2?family=Inter:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jun 2025 10:46:00 GMT
date: Mon, 23 Jun 2025 10:46:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

104.17.24.14

200 OK

736 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
736 kB (735973 bytes)
Hash
268d19762594655239a29d058a7e8b44
f06da2f7a68114b8dda38a0d782d65ddacc9c0e8
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

HTTP Headers

GET /ajax/libs/ethers/5.6.9/ethers.umd.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 23 Jun 2025 10:46:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 125841
cf-ray: 954366372c390b45-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62ad87d5-1eb91"
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1397489
expires: Sat, 13 Jun 2026 10:46:02 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2iWIIHhnH0DfiBxCcIbQSYRjmXZ%2FlD1y74UAj0ttq%2FQmp6M42XU2NHbZweN0XNp9F45tcQXo7MkcHgPgrARwLVAWEH5cO8CE5GqhxCuuuebFJCg3V7EDreIiFlDSrzx%2BeQXB2ZX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET openseanft-io.firebaseapp.com/modal/coinbase.webp

199.36.158.100

200 OK

11 kB

URL GET
openseanft-io.firebaseapp.com/modal/coinbase.webp
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11152 bytes)
Hash
3075e5f06fd33a6da218aad481c35545
ab4e6efbdfef6ad993d1006ffc6f3d80c112eb8b
7f1e60c2a2d01520a2e4d593226b158ab6f1caa9e0eb1908dd08d516af59bdea

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal/coinbase.webp HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 11152
cache-control: max-age=3600
content-type: image/webp
etag: "87b92c6317d2c987bf4f7d076daca95b1ed4f4d023ed5bdecf938eaa651884bf"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675562.292624,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/modal/trust.webp

199.36.158.100

200 OK

5.5 kB

URL GET
openseanft-io.firebaseapp.com/modal/trust.webp
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5498 bytes)
Hash
c9e78fe6c6e121908c1d04fdb68a8934
4460f24fadc7bf575ec84bf6022daca434947c8b
dbc6b5512ca6a2fc08f2af7f246d300c7b0ffce7da57bed015f2830a4239f515

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal/trust.webp HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 5498
cache-control: max-age=3600
content-type: image/webp
etag: "710049b9542dea61f3cea461ea4d972e35787550924121ff54d8161d24e76694"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675562.297618,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48256, version 1.0
Size
48 kB (48256 bytes)
Hash
260c81a4759baf163c025001c4f27872
f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298
3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://openseanft-io.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:48:32 GMT
expires: Fri, 19 Jun 2026 10:48:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
age: 345450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST binance.nodereal.io/

52.208.54.196

200 OK

4.9 kB

URL POST
binance.nodereal.io/
IP
52.208.54.196:443
ASN
#16509 AMAZON-02

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerAmazon
Subject*.nodereal.io
FingerprintC6:91:90:0D:EE:3C:8C:8F:95:A6:0A:58:6A:D8:9E:F9:06:B3:FD:A5
ValiditySun, 15 Dec 2024 00:00:00 GMT - Wed, 14 Jan 2026 23:59:59 GMT

File type
JSON text data
Size
4.9 kB (4902 bytes)
Hash
2188b7f1b90a143020f7faf12d10e91f
e6a95e4d574d05948b7c8517861a71e6f69b38b8
4a8dd94310fc027a042dc9ca0311f20e9341084839e00b8d7a830ab52cdc8096

HTTP Headers

POST / HTTP/1.1
Host: binance.nodereal.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://openseanft-io.firebaseapp.com/
Content-Type: application/json
Content-Length: 136
Origin: https://openseanft-io.firebaseapp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Jun 2025 10:46:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: ee7b1bad426e2bb09cc855b2fac15932
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

GET openseanft-io.firebaseapp.com/

199.36.158.100

200 OK

94 kB

URL User Request GET
openseanft-io.firebaseapp.com/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
HTML document, ASCII text, with very long lines (53419)
Size
94 kB (94521 bytes)
Hash
edcccd25b7318f24af676ab3c7e49d7a
9f13b39effff47e5c4b4e8d8260c3fc0a4f61aa3
aaceb14be380450fe5555b5df1c5492b7a4b8c7aba4abc92df1925bee304208a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "a52616c3d5d9af7892b3e86bd60bdf45b4b36153f12ff429051b697a4302eabf-br"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:00 GMT
x-served-by: cache-hel1410023-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675560.290171,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5944
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

104.17.24.14

200 OK

61 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (60819), with no line terminators
Size
61 kB (60819 bytes)
Hash
d9c6de0df2bf028d93924aff92487904
6596050516dd12af52d9b0e7b18ed837f1d81300
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

HTTP Headers

GET /ajax/libs/crypto-js/4.2.0/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 23 Jun 2025 10:46:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 19621
cf-ray: 95436636897d56b1-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65384d58-4ca5"
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 374274
expires: Sat, 13 Jun 2026 10:46:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opqE7NUYDtup1y%2F5zqxR5XaJJajpBVP84grglsfvIEOueg7t0thRhWzTzR9krwFiZeEMHJJhbaSr46yF9Xtl0sLUKXK9vMAnjkeJCiAf288p2UUNLIIK8L9VoCPyFF63NzXuRUY4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET openseanft-io.firebaseapp.com/modal/metamask.svg

199.36.158.100

200 OK

4.0 kB

URL GET
openseanft-io.firebaseapp.com/modal/metamask.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
SVG Scalable Vector Graphics image
Size
4.0 kB (3977 bytes)
Hash
c879a582a94e772b8ed27295ae83145d
a12623d13c36b4a2a2bcc419330cb2d9c8fa079d
11b1aab7f9a07cbe8903d8d6eb1e6d42be66d1bdd838c10786c1c49a2efb36f0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal/metamask.svg HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 989
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "8550f4d78212c86c9c401d1a78f6f36bbd8785cf1f3b04338fe006adea250d37-br"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675562.291295,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/modal/walletconnect.webp

199.36.158.100

200 OK

1.8 kB

URL GET
openseanft-io.firebaseapp.com/modal/walletconnect.webp
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.8 kB (1750 bytes)
Hash
182a02d14873d4ad1d71b67fa0e4af06
86023e8c21736a1e038c9f23785b7688e6dccf7d
06c723ea200b7d8814027911cf08012c3bb705daf6bca797ff5bdc2e971fde45

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modal/walletconnect.webp HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 1750
cache-control: max-age=3600
content-type: image/webp
etag: "e1ecba46eb706d1cc1315516c2e6c4f573fb259b7615a86f0ada7f34c390c900"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675562.295685,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/YOUR%20JS%20HERE.js

199.36.158.100

404 Not Found

21 kB

URL GET
openseanft-io.firebaseapp.com/YOUR%20JS%20HERE.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
HTML document, ASCII text, with very long lines (18789)
Size
21 kB (21376 bytes)
Hash
04919e76624c41c2d716a9f2fa41123d
9d4cea90b1749a1e143805c629b8b02e03b0672e
a5209717d04e1213c517d38211b545d82963a4880c6524eb29713b8c4972df36

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YOUR%20JS%20HERE.js HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
content-length: 21376
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:00 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1750675561.634662,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/YOUR%20JS%20HERE.js

199.36.158.100

404 Not Found

21 kB

URL GET
openseanft-io.firebaseapp.com/YOUR%20JS%20HERE.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
HTML document, ASCII text, with very long lines (18789)
Size
21 kB (21376 bytes)
Hash
04919e76624c41c2d716a9f2fa41123d
9d4cea90b1749a1e143805c629b8b02e03b0672e
a5209717d04e1213c517d38211b545d82963a4880c6524eb29713b8c4972df36

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /YOUR%20JS%20HERE.js HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
content-length: 21376
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 2
x-timer: S1750675562.099628,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET openseanft-io.firebaseapp.com/assets/desktop.gif

199.36.158.100

200 OK

3.0 MB

URL GET
openseanft-io.firebaseapp.com/assets/desktop.gif
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://openseanft-io.firebaseapp.com/
Certificate
IssuerGoogle Trust Services
Subjectfirebaseapp.com
Fingerprint96:B6:0C:4C:18:7C:62:DD:E0:EB:0D:B9:A0:6E:3C:76:CF:7E:26:8F
ValidityFri, 23 May 2025 14:15:00 GMT - Thu, 21 Aug 2025 14:14:59 GMT

File type
GIF image data, version 89a, 1920 x 6365
Size
3.0 MB (2964857 bytes)
Hash
06d06d7cf3f80d4b3ce453f7e8206c20
826368c0daf1c236a26d815e5361105fe4e21799
ab9bf8d0dbbd8e7fd2dc3d7d2a2ffc813e66bacb37c8b0ceb1f055aed2604f38

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/desktop.gif HTTP/1.1
Host: openseanft-io.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://openseanft-io.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 1866648
cache-control: max-age=3600
content-encoding: br
content-type: image/gif
etag: "2a1f600652358d6608f23b63c78a206fbf5e233edac21f5cdce5f9bcbe596323-br"
last-modified: Fri, 06 Dec 2024 22:24:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 23 Jun 2025 10:46:02 GMT
x-served-by: cache-hel1410029-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1750675562.287356,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (21)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET