{"report_id":"e8fc7950-9cd0-48a0-a9ab-ddd8e0962a62","version":6,"status":"done","tags":[],"date":"2026-03-12T20:01:53Z","url":{"schema":"https","addr":"opensea.com.collector-with.com/","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"opensea.com.collector-with.com/","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"title":"Connect wallet | OpenSea","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"opensea.com.collector-with.com/","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-16T20:01:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"opensea.com.collector-with.com","ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":24,"request_count":8,"received_data":4471017,"sent_data":3940,"comment":"","tags":null,"fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.4.18","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"opensea.io","ip":{"addr":"104.18.33.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-12-27","domain_rank":6774,"first_seen":"2018-03-19T09:11:27Z","last_seen":"2026-03-10T18:56:11.045788Z","alert_count":0,"request_count":1,"received_data":8205,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"opensea.com.collector-with.com/superplugin-5.2.6.js","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b61c8669fd99c459b708dc7a4b083d66","sha1":"8a1ef12a792d2f720d01673cd65493d186e98b9e","sha256":"4179367438f142ffa5eb1ce64eee75c035e4caf557803c57944dfe3409216a3a","sha512":"fbf2ef59b2ea091bfb19d2c39f206c84f8153838e9d35227097275046b7833e734fe275d48d0b37457db16ca4efea0e9f808d4e678ad1c5e5f385b1bac6851a6","ssdeep":"768:LurO53c73Itjjpd4hNhB5cBZ6k1RKbLVgHEcjwecNjJcS7RyW9Wri5c6bcxAqtkX:0RI7Or2BZ69bLakcFqqtmLnFJEU","tlshash":"6a8352d5991bd4d89e1260ced833ec15e4281923cdadf1abba3cdec1782df26845713a","size":80906,"data":"","first_seen":"2026-03-12T20:01:58.234579Z","last_seen":"2026-03-12T20:04:14.304497Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/7770b8d4-91c3-48d1-8f8d-03805a5e3052","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f11bcdc7b7757c117a8de0db3a4c25b8","sha1":"962e4d08a960106c829d0f9d492d7b891927adab","sha256":"b60b89c0c92cf57329c8590a2c5540cece4def64e4e7bf04f2d39b8ffa3b2748","sha512":"7461553dadb09db423bda8c47a58f8cdade82aa710a0f4415cde912e7a88cd4471ea86aa58a2e5097c90e2cb45ac410104019c56a04c35955e827f0bb0796040","ssdeep":"6144:vkWGL6BSn5NGCk3zi0mCw8wLPNU2HZjGfty3:cjkSnv1k20mCwFnHRGfty3","tlshash":"1044810609ac4f7986ec22e015f72cc401794e0ad9dc3cbfb9ada1579e25bd6e0c279d","size":259964,"data":"","first_seen":"2025-07-13T03:04:16.940864Z","last_seen":"2026-06-13T15:26:27.77669Z","times_seen":5042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"opensea.com.collector-with.com/b900569f863a730f.css","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"GET /b900569f863a730f.css HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://opensea.com.collector-with.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 09 Dec 2025 06:48:46 GMT\r\netag: W/\"6937c64e-28461\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":164961,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96fed050c58f15dd93464393e766a3ee","sha1":"225a7e43218939cedb1a81efd68cad59b30e4138","sha256":"589f4179473cda7f19379f2358585c382a92d38a25fa4aa33ecc0eda7e3bf267","sha512":"ab70fc3c413742ebffbf76eaaa36d784197b000e2b4b62f241822b9d5280031ddb6ef6cc612f2f54180ded3de81f32202f8f18ffa1168d92eebf6af43acb08ad","ssdeep":"3072:NIqFdR9FMQyh6BaYkcw4O6hNC0P8O/B386djvntchXZZmgRJ2nhCPySzjKbgyxr4:22dR9FMQyh6BaYkcw4O6hNC0P8O/B38V","tlshash":"7af362e4f229c53fac37a17d53ece84d511af245ee121ad9bb00612306c67f70da6a39","first_seen":"2025-11-03T02:52:22.289363Z","last_seen":"2026-06-13T11:01:21.811471Z","times_seen":106,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/css2-1.css","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"GET /css2-1.css HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://opensea.com.collector-with.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 09 Dec 2025 06:48:40 GMT\r\netag: W/\"6937c648-1a01\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6657,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ce7ad8f4ad7ad856c1099fc81b1b7648","sha1":"1ad43c1dcc0a01e0f43ee5385596b6950ccee64a","sha256":"673efc1392c23c179e818ed5a87a15c4c73b015995d1e6d7b021300935ffc337","sha512":"3c99af3c3067d88019bdc48c29b808c8ecdf4ddaa416e40567feae3f5c50f92e525a2202d2caa81bfd49f32daed65767f781c4cea4bd6f45db38ccc934c6d937","ssdeep":"192:9TNe7m34MJD7TOdUm3/TJ8eTrUdm3iWJlk:h/P0NNS","tlshash":"5ed19b91042b5100e7971cc627cf3f366edc2149a049dabc2ffd189aaceadb913a574d","first_seen":"2025-11-16T14:51:55.272416Z","last_seen":"2026-06-13T11:01:21.804407Z","times_seen":49,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/f3ea6aea02c57edc.css","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"GET /f3ea6aea02c57edc.css HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://opensea.com.collector-with.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 09 Dec 2025 06:48:46 GMT\r\netag: W/\"6937c64e-72d\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1837,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4d23977a59cca7f428bd05a23cf8ed13","sha1":"9e17e84939695b4381069a495475e6ee23981be9","sha256":"10715d12fbd17d923a388963cf26c7272927d6c5fa55573256cfb10fa354dcff","sha512":"06671f833bcc63501c09d3f41aebdb5786ab38637ae0606124b34cd816a7f8eeac22fa5beafe2449697f0759a5ddbd2f782c3e3711e515c68e7749c4a2947ebd","ssdeep":"","tlshash":"f4312640056f5401f5e20cabb7cfbb51654e285b9088dc7a7f6136588ea2869c3f5fac","first_seen":"2025-12-12T02:58:09.447143Z","last_seen":"2026-06-13T11:01:21.812067Z","times_seen":38,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.io/icons/icon-192x192.png","fqdn":"opensea.io","domain":"opensea.io","tld":"io"},"ip":{"addr":"104.18.33.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Feb 2026 15:43:30 GMT","end":"Thu, 07 May 2026 16:43:14 GMT"},"fingerprint":{"sha1":"17:03:75:35:2A:4E:66:AC:40:F3:9B:51:46:CD:7E:C4:DE:41:FC:06","sha256":"AE:FF:CC:EA:5F:E8:B3:E2:96:52:56:1C:8B:B0:74:F0:F7:5F:6E:B5:59:6C:ED:11:78:E8:7D:F1:58:CF:D2:25"}}},"request":{"raw":"GET /icons/icon-192x192.png HTTP/1.1\r\nHost: opensea.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://opensea.com.collector-with.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 2794\r\ncf-ray: 9db564194cc31a30-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"icon-192x192.png\"\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://os2-fqbf8.quill.run https://widget.intercom.io/widget/rws4jyr5 https://js.intercomcdn.com https://static.moonpay.com https://static.seadn.io/os2/tv_library/charting_library/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.seadn.io/os2/tv_library/charting_library/; connect-src 'self' data: wss://gql.opensea.io wss://api.hyperliquid.xyz https://api.hyperliquid.xyz https://gql.opensea.io https://features.opensea.io https://static.seadn.io https://i2.seadn.io https://*.mux.com *.openseaprorelayproxy.com https://api.amplitude.com https://api2.amplitude.com https://sr-client-cfg.amplitude.com https://o406206.ingest.sentry.io https://www.googletagmanager.com https://www.google-analytics.com https://region1.google-analytics.com/ https://os2-fqbf8.quill.run https://api.mainnet.abs.xyz https://arb1.arbitrum.io/rpc https://nova.arbitrum.io/rpc https://eth.merkle.io https://api.avax.network/ext/bc/C/rpc https://api.avax-test.network/ext/bc/C/rpc https://rpc.blast.io https://56.rpc.thirdweb.com https://mainnet.evm.nodes.onflow.org https://public-en-cypress.klaytn.net https://polygon-rpc.com https://rpc-amoy.polygon.technology https://mainnet.base.org https://sepolia.base.org https://11155111.rpc.thirdweb.com https://rpc.zora.energy https://evm-rpc.sei-apis.com/ https://rpc.berachain.com https://api.roninchain.com/rpc https://rpc.soneium.org https://mainnet.shape.network https://mainnet.unichain.org/ https://mainnet-rpc.b3.fun/http https://cloudflare-eth.com https://mainnet.infura.io https://*.llamarpc.com https://*.g.alchemy.com https://*.quiknode.pro https://rpc.monad.xyz https://rpc.hyperliquid.xyz/evm https://thrumming-blue-uranium.solana-mainnet.quiknode.pro wss://thrumming-blue-uranium.solana-mainnet.quiknode.pro https://rpc.gunzchain.io https://api.infra.mainnet.somnia.network https://auth-api.infra.mainnet.somnia.network https://swr.xnftdata.com/rpc-proxy/ https://mainnet.megaeth.com/rpc https://rpc-gel.inkonchain.com https://rpc-animechain-39xf6m45e3.t.conduit.xyz/ https://wallets.opensea.io/ https://www.walletlink.org wss://www.walletlink.org https://pulse.walletconnect.org https://api.web3modal.org wss://relay.walletconnect.org https://metamask-sdk.api.cx.metamask.io https://mm-sdk-analytics.api.cx.metamask.io wss://metamask-sdk.api.cx.metamask.io https://chain-proxy.wallet.coinbase.com https://cca-lite.coinbase.com https://*.intercom.io https://*.intercomcdn.com https://*.intercomassets.com wss://*.intercom.io https://prod-mainnet-temp-uploads.s3.us-east-1.amazonaws.com https://api.moonpay.com https://moonpay.com https://auth.privy.io https://seadn-original-media.s3.us-east-1.amazonaws.com https://vitals.vercel-insights.com; img-src 'self' blob: data: https://opensea.io https://static.opensea.io https://*.featurebase-attachments.com https://fb-usercontent.fra1.cdn.digitaloceanspaces.com https://static.seadn.io https://raw2.seadn.io https://i2.seadn.io https://i2c.seadn.io https://image.mux.com https://stream.mux.com https://*.canarytokens.org/ https://canarytokens.org/ https://*.intercomcdn.com https://*.intercomassets.com https://cdnjs.cloudflare.com/ajax/libs/twemoji/ https://cdn.prod.website-files.com https://media.veefriends.com/ https://i.ibb.co/ https://app.hyperliquid.xyz/coins/ https://pbs.twimg.com https://abs.twimg.com; media-src 'self' blob: data: https://raw2.seadn.io https://static.seadn.io https://i2.seadn.io https://i2c.seadn.io https://image.mux.com https://stream.mux.com; font-src 'self' https://fonts.gstatic.com https://static.seadn.io/os2/tv_library/charting_library/; object-src 'none'; base-uri 'self' https://static.seadn.io/os2/tv_library/charting_library/; form-action 'self'; frame-ancestors 'self' https://wallets.opensea.io/ https://privy.wallets.opensea.io; frame-src 'self' https://wallets.opensea.io/ https://privy.wallets.opensea.io https://auth.privy.io https://*.moonpay.com https://i2.seadn.io https://i2c.seadn.io https://static.seadn.io https: blob:; block-all-mixed-content; upgrade-insecure-requests;\r\ncross-origin-opener-policy: unsafe-none\r\netag: \"9a179fa5f32adfc0f7813356277760ae\"\r\nlast-modified: Thu, 12 Mar 2026 19:35:46 GMT\r\nreferrer-policy: strict-origin\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: on\r\nx-frame-options: DENY\r\nx-matched-path: /icons/icon-192x192.png\r\nx-permitted-cross-domain-policies: none\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::rcr2v-1773345688583-872511d84ce6\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=Xqe.ZtkvRz3ENuDaIYm9PKb8PWifyyI2wgx09nG7ZKs-1773345688-1.0.1.1-d_K2YGfJsKFWi0vZjfSfn9juAPEMczUz36Yy3pQon7M7rKMCpFod7NPENycRJyLROMw1SDjP.95HRD3pOfV50n8gM0..iRd17cIx1WANzPk; path=/; expires=Thu, 12-Mar-26 20:31:28 GMT; domain=.opensea.io; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2794,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"9a179fa5f32adfc0f7813356277760ae","sha1":"14f97daa1d2cdb2a1463e936d73984fb990f072c","sha256":"f137adca66a8c0fa4621d3cb45b08bf5e7840430a81bd1a9caf20936e2dcd5d2","sha512":"5b7c38d60ce09957e014570276c1e100b49673e0974706033799ed08b267ec3a116e590d6a8751d2be76d36bdd56f5d819eff05c838d2605b470c2b89122ed74","ssdeep":"","tlshash":"3b514b834b2b5d7a80af7a70fef59dda4409aa79320b59685c38ea11e43985060297f3","first_seen":"2025-05-06T11:57:27.200674Z","last_seen":"2026-06-13T11:01:21.805505Z","times_seen":147,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":7,"connect":1,"send":0,"wait":95,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/favicon.ico","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://opensea.com.collector-with.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15406\r\nlast-modified: Tue, 09 Dec 2025 06:48:46 GMT\r\netag: \"6937c64e-3c2e\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"51611d612d7386519fac69e6eb72b66b","sha1":"24d452dfd4849013b213dab566636fcf73a567b2","sha256":"cbd260c72ab904f10e6da00db71093a188fdc99d500aca9e8aa7742b2f5b0ab7","sha512":"39595eba02ef1b9423ec59249b03b10651a7aa87792025d40ead5e626d330b11735b5bd8ed6d248a8a3da6e371ea5804feac5489e65fa5be8c9ca1497d37d24d","ssdeep":"96:sqeK0EbTHrk204yRhPYw2PUu7s8nYyZvIqGMaVB:sqeK9ehY3PN/pZvIqGhV","tlshash":"0a621d817931f280de14667625ee53f43eeb7f50b44af23a58e0b2702bbb44f6d12916","first_seen":"2025-05-02T13:30:26.984224Z","last_seen":"2026-06-13T11:01:21.806374Z","times_seen":100,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/secureproxy?e=jscdn/getFile","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://opensea.com.collector-with.com/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://opensea.com.collector-with.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"hjp7odscer0vqod5om4u\"}"}},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 11 Mar 2026 05:51:02 GMT\r\netag: W/\"328-64cb938992241\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-13T17:04:12.2375Z","times_seen":37547,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T20:01:27.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:27 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 11 Mar 2026 05:56:31 GMT\r\netag: W/\"69b1040f-20ce6\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":134374,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2566)","md5":"c3e83bfefab0cc007f8b5cb973b1b6a1","sha1":"9007b4244e3ca06717d5d1217a84f87e906a0016","sha256":"248971bc5957f6e2db43aebc7d746e8804f167d781528d3f3a6ce0b1172ede48","sha512":"ca8ddf51fb1d2fc87ea4a05281541600a3496f9cb1c650ff4d3f00367915a4ffcac64f332f9fa03e4ffb2aa0ceb195bb71448104a448f57ab553ed7575c27941","ssdeep":"3072:TS6PHCAOIs+37Oitsh4chGjj5tbJJokGCeQYlaBrUjBq51B4jlBcvYM41Y/0BmqR:m6PHCAOIs+37Oitsh4chG27SntFl0r","tlshash":"14d3e78173a70a2c3117035125f2e29ca05ff571fedfe89ab25e009ed9c35f4989e6a1","first_seen":"2026-03-12T20:01:58.23134Z","last_seen":"2026-03-12T20:04:14.30073Z","times_seen":2,"resource_available":false,"data":null}},"time_used":729,"timings":{"blocked":261,"dns":51,"connect":103,"send":0,"wait":204,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/superplugin-5.2.6.js","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"GET /superplugin-5.2.6.js HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://opensea.com.collector-with.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:28 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 11 Mar 2026 05:56:20 GMT\r\netag: W/\"69b10404-13c0a\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":80906,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b61c8669fd99c459b708dc7a4b083d66","sha1":"8a1ef12a792d2f720d01673cd65493d186e98b9e","sha256":"4179367438f142ffa5eb1ce64eee75c035e4caf557803c57944dfe3409216a3a","sha512":"fbf2ef59b2ea091bfb19d2c39f206c84f8153838e9d35227097275046b7833e734fe275d48d0b37457db16ca4efea0e9f808d4e678ad1c5e5f385b1bac6851a6","ssdeep":"768:LurO53c73Itjjpd4hNhB5cBZ6k1RKbLVgHEcjwecNjJcS7RyW9Wri5c6bcxAqtkX:0RI7Or2BZ69bLakcFqqtmLnFJEU","tlshash":"6a8352d5991bd4d89e1260ced833ec15e4281923cdadf1abba3cdec1782df26845713a","first_seen":"2026-03-12T20:01:58.234579Z","last_seen":"2026-03-12T20:04:14.304497Z","times_seen":2,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"opensea.com.collector-with.com/secureproxy.php?e=jscdn/getFile","fqdn":"opensea.com.collector-with.com","domain":"collector-with.com","tld":"com"},"ip":{"addr":"138.197.91.95","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://opensea.com.collector-with.com/","date":"2026-03-12T20:01:28.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"opensea.com.collector-with.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 04:54:29 GMT","end":"Tue, 09 Jun 2026 04:54:28 GMT"},"fingerprint":{"sha1":"5B:44:49:AA:A6:4A:19:43:91:8F:B9:DF:AC:A3:76:55:46:BF:AC:43","sha256":"B9:E7:4D:4E:8D:22:4F:E6:61:6B:6A:F2:63:C7:C3:73:BD:AC:ED:CA:8E:C1:55:39:97:27:E6:6D:6B:41:15:2D"}}},"request":{"raw":"POST /secureproxy.php?e=jscdn/getFile HTTP/1.1\r\nHost: opensea.com.collector-with.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://opensea.com.collector-with.com/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://opensea.com.collector-with.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"hjp7odscer0vqod5om4u\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 12 Mar 2026 20:01:29 GMT\r\ncontent-type: application/javascript\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PHP/8.4.18, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.4.18","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4064062,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6ccfd93628538d511441adbfe0f6a777","sha1":"82c305d6d4e0e7fb048fcacbf9fd09ba1ba1b829","sha256":"9ea86ed7c6082b18197189dfac274452cfde5f423d0885a9b567c7381b545a3d","sha512":"a681b6eda984ad88412e025552dc0e5a6cc149bd187b40bf230575f55266cf3cb3c6894a75729ccc0ea910086558f5ee88944b4baadabd13096c19a746368f0e","ssdeep":"24576:Y7M0RC8OaYM9rRIa0iSP+YnShY8C4/CaWvojTyh:Y5TGaG5RmC","tlshash":"ab2523c1ec7b999293988a9c753aec5d2260ad9186dd92df459cf8c330fdff1806246c","first_seen":"2026-03-12T20:01:58.23739Z","last_seen":"2026-03-12T20:04:14.309635Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1019,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1019,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"opensea.com.collector-with.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"opensea.com.collector-with.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}