opensea.io.listings-offer.com
24.199.113.255 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://opensea.io.listings-offer.com/profile/ 1mo old
Effective URL:
https://opensea.io.listings-offer.com/profile/ 1mo old
Submission Tags: phishdestroy
Submission: On April 08 via api (April 8th 2026, 6:29:55 pm UTC) from DE — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 24.199.113.255, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is opensea.io.listings-offer.com. 1mo old
TLS certificate: Issued by R13 on March 25th 2026. Valid for: 3mo.

This is the only time opensea.io.listings-offer.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Opensea (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
13	24.199.113.255 24.199.113.255	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.16.175.226 104.16.175.226	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
26	5

13 24.199.113.255 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

opensea.io.listings-offer.com 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.17.25.14 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.26.13.205 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.ipify.org 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.16.175.226 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
13	listings-offer.com opensea.io.listings-offer.com 1mo old	3 MB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 1517 11yr old	207 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 239 13yr old	143 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 265 13yr old	54 KB
26	4

	Domain	Requested by
13	opensea.io.listings-offer.com	opensea.io.listings-offer.com
2	api.ipify.org	opensea.io.listings-offer.com
2	cdnjs.cloudflare.com	opensea.io.listings-offer.com
1	cdn.jsdelivr.net	opensea.io.listings-offer.com
26	4

This site contains no links.

Subject Issuer	Validity	Valid
opensea.io.listings-offer.com R13	`2026-03-25` - `2026-06-23`	3mo	crt.sh
cdnjs.cloudflare.com WE1	`2026-03-14` - `2026-06-12`	3mo	crt.sh
ipify.org WE1	`2026-03-01` - `2026-05-30`	3mo	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	1yr	crt.sh

This page contains 1 frames:

Primary Page: https://opensea.io.listings-offer.com/profile/
Frame ID: 41CA0A4AD7D2BA45CF51CE9F55D5E548
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connect wallet | OpenSea

Page URL History Show full URLs

http://opensea.io.listings-offer.com/profile/ HTTP 307
https://opensea.io.listings-offer.com/profile/ Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net

cdnjs (CDN) Expand

Overall confidence: 100%
Detected patterns

cdnjs\.cloudflare\.com

crypto-js (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d\.-]+))?/crypto-js(?:\.min)?\.js

ipify (Geolocation) Expand

Overall confidence: 100%
Detected patterns

\.ipify\.org

Page Statistics

26
Requests

69 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

3225 kB
Transfer

12440 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://opensea.io.listings-offer.com/profile/ HTTP 307
https://opensea.io.listings-offer.com/profile/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
opensea.io.listings-offer.com/profile/
Redirect Chain

http://opensea.io.listings-offer.com/profile/
https://opensea.io.listings-offer.com/profile/

131 KB
19 KB

788ms
457ms

Document
text/html

24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/profile/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d497a431946083f77467a17f048dfa8bfb52ca2af3e0d514cf5b2d467ea541ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Response headers

content-encoding: br
content-type: text/html
date: Wed, 08 Apr 2026 18:29:56 GMT
etag: W/"69d4f831-20cec"
last-modified: Tue, 07 Apr 2026 12:27:29 GMT
server: nginx
x-powered-by: PleskLin

Redirect headers

Location: https://opensea.io.listings-offer.com/profile/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 fd7f859e-908153b05181.min.js Show response
opensea.io.listings-offer.com/profile/ 72 KB
17 KB 340ms
339ms Script
text/javascript 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/profile/fd7f859e-908153b05181.min.js
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: fa0123979aad343314aec89e5863dd0721a02215ad51edf12ca26e3b02183031

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:29:56 GMT
etag: W/"69d4f7e9-12197"
content-type: text/javascript
last-modified: Tue, 07 Apr 2026 12:26:17 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 b900569f863a730f.css
opensea.io.listings-offer.com/profile/ 161 KB
24 KB 195ms
194ms Stylesheet
text/css 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/profile/b900569f863a730f.css
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 589f4179473cda7f19379f2358585c382a92d38a25fa4aa33ecc0eda7e3bf267

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:29:56 GMT
etag: W/"6937c64e-28461"
content-type: text/css
last-modified: Tue, 09 Dec 2025 06:48:46 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 f3ea6aea02c57edc.css
opensea.io.listings-offer.com/profile/ 2 KB
583 B 203ms
203ms Stylesheet
text/css 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/profile/f3ea6aea02c57edc.css
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 10715d12fbd17d923a388963cf26c7272927d6c5fa55573256cfb10fa354dcff

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:29:56 GMT
etag: W/"6937c64e-72d"
content-type: text/css
last-modified: Tue, 09 Dec 2025 06:48:46 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 css2-1.css
opensea.io.listings-offer.com/profile/ 7 KB
716 B 346ms
345ms Stylesheet
text/css 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/profile/css2-1.css
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 673efc1392c23c179e818ed5a87a15c4c73b015995d1e6d7b021300935ffc337

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:29:56 GMT
etag: W/"6937c648-1a01"
content-type: text/css
last-modified: Tue, 09 Dec 2025 06:48:40 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 favicon.ico
opensea.io.listings-offer.com/profile/ 15 KB
15 KB 168ms
168ms Other
image/vnd.microsoft.icon 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/profile/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cbd260c72ab904f10e6da00db71093a188fdc99d500aca9e8aa7742b2f5b0ab7

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

etag: "6937c64e-3c2e"
accept-ranges: bytes
content-length: 15406
date: Wed, 08 Apr 2026 18:29:56 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 09 Dec 2025 06:48:46 GMT
server: nginx
x-powered-by: PleskLin

POST
H2 404 secureproxy Show response
opensea.io.listings-offer.com/ 808 B
501 B 310ms
309ms Fetch
text/html 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/secureproxy?e=jscdn/getFile
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/fd7f859e-908153b05181.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:29:57 GMT
etag: W/"328-64dd396b7ccc9"
content-type: text/html
last-modified: Wed, 25 Mar 2026 06:43:42 GMT
server: nginx

POST
H2 404 secureproxy.php Show response
opensea.io.listings-offer.com/ 16 B
125 B 320ms
320ms Fetch
text/html 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/secureproxy.php?e=jscdn/getFile
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/fd7f859e-908153b05181.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PHP/8.4.19
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:29:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.4.19
server: nginx

POST
H2 200 secureproxy.php Show response
opensea.io.listings-offer.com//profile/ 4 MB
3 MB 1141ms
1140ms Fetch
application/javascript 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=jscdn/getFile
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/fd7f859e-908153b05181.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PHP/8.4.19, PleskLin
Resource Hash: fb09403be7c45b3d717096655d246934e9a991eb27fdd58d3a2e6886985681f0

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?1

Response headers

vary: Accept-Encoding
access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
date: Wed, 08 Apr 2026 18:29:58 GMT
content-type: application/javascript
x-powered-by: PHP/8.4.19, PleskLin
server: nginx
access-control-allow-headers: *

GET
BLOB 200
OK 786b512b-aa2d-4647-8c7e-209565dbea92 Show response
https://opensea.io.listings-offer.com/ 4 MB
0 Script
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://opensea.io.listings-offer.com/786b512b-aa2d-4647-8c7e-209565dbea92
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/fd7f859e-908153b05181.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb09403be7c45b3d717096655d246934e9a991eb27fdd58d3a2e6886985681f0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Referer

Response headers

Content-Type: application/javascript
Content-Length: 4041982

GET
BLOB 200
OK b687cd80-0acc-4c80-af39-94be90ddbcdd Show response
https://opensea.io.listings-offer.com/ 254 KB
0 Script
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://opensea.io.listings-offer.com/b687cd80-0acc-4c80-af39-94be90ddbcdd
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60b89c0c92cf57329c8590a2c5540cece4def64e4e7bf04f2d39b8ffa3b2748

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Referer

Response headers

Content-Type: application/javascript
Content-Length: 259964

GET
BLOB 200
OK 0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a Show response
https://opensea.io.listings-offer.com/ 3 MB
0 Script
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Requested by: Host: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com/profile/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4313089ae4aeb7fa0f7aa5122a9c2d52f9002f8ba9ffdd70b44daf9951b009d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Referer

Response headers

Content-Type: application/javascript
Content-Length: 2960205

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 59 KB
20 KB 37ms
15ms Script
application/javascript 104.17.25.14
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

Requested by

Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65384d58-4ca5"
age: 99021
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ni1sC8nGol7wxglVaGw6moqLTfKg2lX3JtGJirPEhnvSfRcy0P7%2BPeAAuXXTmymXeeHpp5AA0HzcrbwzHjTVvN7kpFxJVYbazbTzjOSGLfiS4M6Ytgb5WWFkdKE7Kzs7kcXWb68E"}]}
x-content-type-options: nosniff
expires: Mon, 29 Mar 2027 18:30:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9e935747ab061b48-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19621
server: cloudflare

GET
H3 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 18ms
18ms Script
application/javascript 104.17.25.14
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "62ad87d5-1eb91"
age: 99818
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cmTmza%2FyW5%2BGnXsmwZl5Qod%2FAuwu1UKMnDsaeLSJrKSJ9bEoV1sUJqeeKHwWAeK%2FQnuGqnd%2Fqi8lwwP870JTjpqRjP5neCo1uHr1aI8r74fiOMByXKDdgTdaWBpskquftkuH3D7J"}]}
x-content-type-options: nosniff
expires: Mon, 29 Mar 2027 18:30:02 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9e935747cb901b48-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 125841
server: cloudflare

GET
H2 200 / Show response
api.ipify.org/ 13 B
142 B 141ms
103ms Fetch
text/plain 104.26.13.205
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced4869b4d0c6f9dfb5babb4c15b6be09a26e2347772a48839c7545453156e29

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

cf-cache-status: DYNAMIC
cf-ray: 9e9357489d2a921a-FRA
access-control-allow-origin: *
content-length: 13
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: text/plain
vary: Origin
server: cloudflare

GET
H2 404 secureproxy Show response
opensea.io.listings-offer.com/ 808 B
501 B 180ms
180ms Fetch
text/html 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/secureproxy?e=ping_proxy
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:30:02 GMT
etag: W/"328-64dd396b7ccc9"
content-type: text/html
last-modified: Wed, 25 Mar 2026 06:43:42 GMT
server: nginx

GET
H2 200 / Show response
api.ipify.org/ 13 B
65 B 239ms
98ms Fetch
text/plain 104.26.13.205
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced4869b4d0c6f9dfb5babb4c15b6be09a26e2347772a48839c7545453156e29

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

cf-cache-status: DYNAMIC
cf-ray: 9e9357493dca921a-FRA
access-control-allow-origin: *
content-length: 13
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: text/plain
vary: Origin
server: cloudflare

GET
H2 200 merkletree.js Show response
cdn.jsdelivr.net/npm/merkletreejs@latest/ 233 KB
54 KB 75ms
17ms Script
application/javascript 104.16.175.226
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

Requested by

Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.175.226 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

726fc8775a8aa08138293a5955dd14f9c2cb8b566f1c577f5d39c986bceab3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"3a393-ow5VcB3yNddBHZ9Yv78eUVMKtdU"
age: 6592
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KZH%2FIlphlp3yeGgfngVXUjYD9qSnYLwA86en9M4d1OEH3%2Fts%2Fg1UfFtu%2FdDNE6rH9kevjn2kYy2Za1NkQiEBZgpiQAeSyMUM1wCM48KR%2FL%2FCBEytsxauEiArb%2BccKf%2BqdVw%3D"}]}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220102-FRA, cache-bma-essb1270022-BMA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9e935748b84818e6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54223
server: cloudflare
x-jsd-version: 0.6.0

GET
H2 404 secureproxy.php Show response
opensea.io.listings-offer.com/ 16 B
125 B 354ms
354ms Fetch
text/html 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com/secureproxy.php?e=ping_proxy
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PHP/8.4.19
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

content-encoding: br
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.4.19
server: nginx

GET
H2 200 secureproxy.php Show response
opensea.io.listings-offer.com//profile/ 4 B
262 B 173ms
173ms Fetch
text/plain 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=ping_proxy
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PHP/8.4.19, PleskLin
Resource Hash: 9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?1

Response headers

vary: Accept-Encoding
access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 24
date: Wed, 08 Apr 2026 18:30:02 GMT
content-type: text/plain;charset=UTF-8
x-powered-by: PHP/8.4.19, PleskLin
server: nginx
access-control-allow-headers: *

POST secureproxy.php
opensea.io.listings-offer.com//profile/ 0
0

POST
H2 200 secureproxy.php Show response
opensea.io.listings-offer.com//profile/ 0
211 B 573ms
570ms XHR
application/javascript 24.199.113.255
DigitalOcean

General

Check archive.org

Download Go to

Full URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=/jscdn/getStatic
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.199.113.255 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx / PHP/8.4.19, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Android"
Referer: https://opensea.io.listings-offer.com/profile/
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
sec-ch-ua: "Chromium";v="125", "Google Chrome";v="125", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?1

Response headers

access-control-max-age: 3600
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Apr 2026 18:30:03 GMT
content-type: application/javascript
x-powered-by: PHP/8.4.19, PleskLin
server: nginx
access-control-allow-headers: *

POST secureproxy.php
opensea.io.listings-offer.com//profile/ 0
0

GET
BLOB 200
OK 8161cfb5-482e-45e3-9340-64648bc2b16a Show response
https://opensea.io.listings-offer.com/ 0
0 Script
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://opensea.io.listings-offer.com/8161cfb5-482e-45e3-9340-64648bc2b16a
Requested by: Host: opensea.io.listings-offer.com
URL: blob:https://opensea.io.listings-offer.com/0d6a9ed2-f415-4aae-b3a1-0b2ae0245c0a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Referer

Response headers

Content-Type: application/javascript
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=/jscdn/getStatic

Domain: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=/jscdn/getStatic

Domain: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=/jscdn/getStatic

Domain: opensea.io.listings-offer.com
URL: https://opensea.io.listings-offer.com//profile/secureproxy.php?e=/jscdn/getStatic

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Opensea (Crypto)

32 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			opensea.io.listings-offer.com/	1970-01-21 22:50:33	Name: gacfxdn1x7 Value: 2iWg57tJ2Rual7e

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://opensea.io.listings-offer.com/profile/(Line 5) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E0E71C841B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://opensea.io.listings-offer.com/secureproxy?e=jscdn/getFile Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://opensea.io.listings-offer.com/secureproxy.php?e=jscdn/getFile Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://opensea.io.listings-offer.com/secureproxy?e=ping_proxy Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://opensea.io.listings-offer.com/secureproxy.php?e=ping_proxy Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
opensea.io.listings-offer.com
opensea.io.listings-offer.com
104.16.175.226
104.17.25.14
104.26.13.205
24.199.113.255
10715d12fbd17d923a388963cf26c7272927d6c5fa55573256cfb10fa354dcff
589f4179473cda7f19379f2358585c382a92d38a25fa4aa33ecc0eda7e3bf267
673efc1392c23c179e818ed5a87a15c4c73b015995d1e6d7b021300935ffc337
726fc8775a8aa08138293a5955dd14f9c2cb8b566f1c577f5d39c986bceab3a9
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2
b60b89c0c92cf57329c8590a2c5540cece4def64e4e7bf04f2d39b8ffa3b2748
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
cbd260c72ab904f10e6da00db71093a188fdc99d500aca9e8aa7742b2f5b0ab7
ced4869b4d0c6f9dfb5babb4c15b6be09a26e2347772a48839c7545453156e29
d497a431946083f77467a17f048dfa8bfb52ca2af3e0d514cf5b2d467ea541ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4313089ae4aeb7fa0f7aa5122a9c2d52f9002f8ba9ffdd70b44daf9951b009d
fa0123979aad343314aec89e5863dd0721a02215ad51edf12ca26e3b02183031
fb09403be7c45b3d717096655d246934e9a991eb27fdd58d3a2e6886985681f0

opensea.io.listings-offer.com 24.199.113.255 Malicious Activity! Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

69 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

3225 kBTransfer

12440 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Window variables

1 Cookies

5 Console Messages

Indicators

opensea.io.listings-offer.com
24.199.113.255 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

26
Requests

69 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

3225 kB
Transfer

12440 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!