Report - login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/

Report Overview

Submitted URL
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
IP
188.166.239.88
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-04-16 17:42:30
Access
public
Website Title
OpenSea, the largest NFT marketplace
Final URL
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bootstrap.smartsuppchat.com	43006	2014-02-02	2018-01-29	2024-04-09	531 B	377 B	35.157.201.139
lh3.googleusercontent.com	66	2008-11-17	2012-05-22	2024-04-16	1.1 kB	168 kB	142.250.74.97
www.smartsuppchat.com	46890	2014-02-02	2018-08-31	2024-04-14	417 B	714 kB	185.76.9.14
openseea.io-nft-marketplace.com	unknown	unknown	2021-10-19	2022-04-16	440 B	0 B	0.0.0.0
login-opensea.servebbs.net	unknown	2005-07-04	2024-04-08	2024-04-10	5.5 kB	2.4 MB	188.166.239.88
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	570 B	1.8 kB	142.250.74.74
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	2.7 kB	280 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	login-opensea.servebbs.net	Sinkholed
2024-04-16	medium	io-nft-marketplace.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/	418 B	2023-04-03	2024-04-16
Pretty URL login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/ IP 188.166.239.88 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-03 23:54:42 Last Seen2024-04-16 19:42:31 Times Seen44 Hash ba312fb3d72ca004dad840c2bce84faf 2f8292138596f0fbe302ce01bd67933dbe3254d0 c8e642143b24b8f98d8caf3a8f4b0c99162165203eafe946b7cadc0b8be9a867 Loading...

	login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/	403 B	2023-03-07	2024-04-16
Pretty URL login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/ IP 188.166.239.88 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:34 Last Seen2024-04-16 19:42:31 Times Seen57 Hash 9fd46b1973a43becf6c15f9922316d3b 61e6e3116bc98d12b2bd0cd3bf0d5eab4c453d8c e2b473cd9c50f7be555b8c96719ff0d344ef1a734479bbb9542e15b53a68eedb Loading...

	www.smartsuppchat.com/loader.js?	18 kB	2024-03-16	2024-04-26
Pretty URL www.smartsuppchat.com/loader.js? IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-16 01:54:59 Last Seen2024-04-26 22:37:48 Times Seen64 Hash 81305b6cf82502d98a33f6492752bec2 37c952f9cc5bed8153f4558592c34a37623e1388 71ab4858bd79a67b5c489a4e440cee8bd46bda4357ee7123df2bbf211fa35eb9 Loading...

HTTP Transactions (20)

URL IP Response Size

188.166.239.88

200 OK

27 kB

URL User Request GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
JavaScript source, ASCII text, with very long lines (1439)
Size
27 kB (27060 bytes)
Hash
8b845b991450da3cbff3d99e22341318
b65b9900b8c5b12098caa68676320cddc292b40e
8120d30b651e339f7c9d55f7b95e5df6b4c713505bc726d18fee4a50ce5959fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/ HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 09 Apr 2024 02:30:25 GMT
etag: "2a0f9-615a0b463e991-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 27060
content-type: text/html
date: Tue, 16 Apr 2024 17:42:04 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.74

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1179 bytes)
Hash
097f3f10895d11d34d1b9c878b0c3122
17b718f5cc2370b2baeebc38fa9c6f6958c44c46
00e9d6359a349813773674cf38753321b247157fc7fbd4c5a7ad224aa2f17f7a

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 17:42:04 GMT
date: Tue, 16 Apr 2024 17:42:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

188.166.239.88

200 OK

11 kB

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/css.css
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
Unicode text, UTF-8 text, with very long lines (579), with CRLF line terminators
Size
11 kB (11288 bytes)
Hash
94c5308556ac672c9220691b5b675aa6
055bdf24d5d2cbb178dcd6b1105cd4b36358d40e
ce01af3df5eac2c639967bc87a17029d443fb25ff7075ccb77efa0b2feb6b2ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/css.css HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Apr 2024 02:30:25 GMT
etag: "15b08-615a0b463e5a9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11288
content-type: text/css
date: Tue, 16 Apr 2024 17:42:04 GMT
server: Apache
X-Firefox-Spdy: h2

login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/static/images/logos/opensea.svg

188.166.239.88

200 OK

1.9 kB

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/static/images/logos/opensea.svg
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1922 bytes)
Hash
c7c3ed10e5c602fba31f6e93a6fbc957
3fa948ddaa2c1aa91fbb94527a7908f39896a887
8ae5fefbaeebd874dfebfc4b5ef2a251005ae26b0a7cb9bd531a1c131c44f6ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/static/images/logos/opensea.svg HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Apr 2024 02:30:25 GMT
etag: "f41-615a0b463f549-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1922
content-type: image/svg+xml
date: Tue, 16 Apr 2024 17:42:04 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.99

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login-opensea.servebbs.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:54:11 GMT
expires: Fri, 11 Apr 2025 17:54:11 GMT
cache-control: public, max-age=31536000
age: 431274
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.99

200 OK

114 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 113660, version 1.0
Size
114 kB (113660 bytes)
Hash
7ab94ff0f2ce5804ea125fa67b9b8999
6dbc70baf4dfccb4e12f2dc5adb2487fb174b328
ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304

HTTP Headers

GET /s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login-opensea.servebbs.net
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 113660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 14:48:03 GMT
expires: Fri, 11 Apr 2025 14:48:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 05 Oct 2021 00:04:22 GMT
content-type: font/woff2
age: 442442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.99

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login-opensea.servebbs.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:09 GMT
expires: Wed, 16 Apr 2025 05:54:09 GMT
cache-control: public, max-age=31536000
age: 42476
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialiconsoutlined/v81/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2

142.250.74.99

200 OK

139 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialiconsoutlined/v81/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), CFF, length 139056, version 1.0
Size
139 kB (139056 bytes)
Hash
5501dc8c2999b927e92477d5ee6da4af
cc327f1322ca945527ac8cf9d3d5e09224fcc617
cfa0bc834b6369e204c47c6c234ed2784e2b7160b173ebe6c2e436fc0d052059

HTTP Headers

GET /s/materialiconsoutlined/v81/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login-opensea.servebbs.net
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 139056
date: Tue, 16 Apr 2024 17:42:05 GMT
expires: Wed, 16 Apr 2025 17:42:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 05 Oct 2021 00:04:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.99

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login-opensea.servebbs.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:40:30 GMT
expires: Fri, 11 Apr 2025 17:40:30 GMT
cache-control: public, max-age=31536000
age: 432095
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bootstrap.smartsuppchat.com/widget/52c85e148b64300f559cb10a5af282ab5abb6132.json

35.157.201.139

403 Forbidden

57 B

URL GET HTTP/2
bootstrap.smartsuppchat.com/widget/52c85e148b64300f559cb10a5af282ab5abb6132.json
IP
35.157.201.139:443
ASN
#16509 AMAZON-02

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerAmazon
Subject*.smartsuppchat.com
Fingerprint08:52:3C:E6:2F:E0:6C:2F:E7:4F:21:41:0C:31:59:99:2E:0A:19:C3
ValidityThu, 01 Feb 2024 00:00:00 GMT - Sat, 01 Mar 2025 23:59:59 GMT

File type
JSON text data
Size
57 B (57 bytes)
Hash
471ad8674b65ae0302f71602143789ca
8cbb927ffa584a95af053f00149b47d8295719f3
1e3f60d29de08e299aa39aadee4c5c47414c0e6108298deb9ec78d14d62ed238

HTTP Headers

GET /widget/52c85e148b64300f559cb10a5af282ab5abb6132.json HTTP/1.1
Host: bootstrap.smartsuppchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://login-opensea.servebbs.net
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Tue, 16 Apr 2024 17:42:05 GMT
content-type: application/json; charset=utf-8
content-length: 57
x-version: 8b3ca176698fc26311ade373172146d69a1a7c02
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate
x-hit: redis
X-Firefox-Spdy: h2

188.166.239.88

404 Not Found

273 B

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/mc.yandex.ru/metrika/tag.js
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
HTML document, ASCII text
Size
273 B (273 bytes)
Hash
0fd7c6aa3f7a388ea91948afcf38a6d8
37ff7c1e820983c5fb6d2f01df045a625e75542e
f23fea54609b4c8a7114267872fb46c3c1fb823f0c0b21f8848e6604b9ddef55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/mc.yandex.ru/metrika/tag.js HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-length: 273
content-type: text/html; charset=iso-8859-1
date: Tue, 16 Apr 2024 17:42:05 GMT
server: Apache
X-Firefox-Spdy: h2

login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/static/images/logos/opensea-white.svg

188.166.239.88

200 OK

1.4 kB

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/static/images/logos/opensea-white.svg
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1385 bytes)
Hash
270535333a04e0f7c6c352a4f2eba9ca
cbc9913a2608de3e31025ed329d7e3be4987b977
d79ac289a5efb3158ff63a02ee4dbe102a69890f69302bce8ef05c989d4d4e76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/static/images/logos/opensea-white.svg HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Apr 2024 02:30:25 GMT
etag: "b73-615a0b463f549-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1385
content-type: image/svg+xml
date: Tue, 16 Apr 2024 17:42:05 GMT
server: Apache
X-Firefox-Spdy: h2

lh3.googleusercontent.com/eonJrv8-r-6Qvgwg5Skglh6933pT98syxcvAQY2uJ3ki40NBUkHTuOOtzqOZBMtWXB9II-IxrssCqkC2Oa1zZC4t8jKBQNiqo_Iu7H0=s80

142.250.74.97

200 OK

8.0 kB

URL GET HTTP/2
lh3.googleusercontent.com/eonJrv8-r-6Qvgwg5Skglh6933pT98syxcvAQY2uJ3ki40NBUkHTuOOtzqOZBMtWXB9II-IxrssCqkC2Oa1zZC4t8jKBQNiqo_Iu7H0=s80
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
8.0 kB (7954 bytes)
Hash
31402baa352792ae2ce1d8cc930f950e
6f30704c24e936f2f0e83571eca48c54cb0d5f40
af0c864deef73560b4e57bd4f601ba0232a7fd56b6a2024980cf8324a8fa157b

HTTP Headers

GET /eonJrv8-r-6Qvgwg5Skglh6933pT98syxcvAQY2uJ3ki40NBUkHTuOOtzqOZBMtWXB9II-IxrssCqkC2Oa1zZC4t8jKBQNiqo_Iu7H0=s80 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 17 Apr 2024 17:42:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 17:42:06 GMT
server: fife
content-length: 7954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lh3.googleusercontent.com/O3GDCDyaXbuewUTUFpjwXJNRFS_HDq28gijdvdIp7gFS8ZfsozfAa8-ja_NMAkw9RByZUXig2oqbpOnSFN325p4L94KoABQ3OP0VkRw=s550

142.250.74.97

200 OK

158 kB

URL GET HTTP/2
lh3.googleusercontent.com/O3GDCDyaXbuewUTUFpjwXJNRFS_HDq28gijdvdIp7gFS8ZfsozfAa8-ja_NMAkw9RByZUXig2oqbpOnSFN325p4L94KoABQ3OP0VkRw=s550
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 389x550, components 3
Size
158 kB (158495 bytes)
Hash
14b1a934c601aa956e32f901d1351905
7261821208944b378c9a37239265059a711ae14e
8595cc28dac64c34256cda75718a848ece2afceedc7124b3db2fb15e40283800

HTTP Headers

GET /O3GDCDyaXbuewUTUFpjwXJNRFS_HDq28gijdvdIp7gFS8ZfsozfAa8-ja_NMAkw9RByZUXig2oqbpOnSFN325p4L94KoABQ3OP0VkRw=s550 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 17 Apr 2024 17:42:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 17:42:06 GMT
server: fife
content-length: 158495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.smartsuppchat.com/loader.js?

185.76.9.14

200 OK

713 kB

URL GET HTTP/2
www.smartsuppchat.com/loader.js?
IP
185.76.9.14:443
ASN
#60068 Datacamp Limited

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerDigiCert Inc
Subject*.smartsuppchat.com
Fingerprint36:D1:7D:9F:9E:AC:39:FC:68:26:DD:2F:84:E5:67:52:DB:DC:F8:5E
ValidityMon, 04 Dec 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
713 kB (712872 bytes)
Hash
0379acf184b6743f483bfeb79710adfa
307629d1fb93035f6b0f76b93172987872ff5dce
740d7b27f68ba6f64c2fb0a042d927f98740eaae050c287f639bb6f736a77909

HTTP Headers

GET /loader.js? HTTP/1.1
Host: www.smartsuppchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:42:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 06:24:43 GMT
etag: W/"65fbd2ab-447f"
expires: Thu, 21 Mar 2024 06:31:31 GMT
cache-control: max-age=300, public, s-maxage=60
x-77-nzt: EwwBuUwJDQH3MwAAAAwBuUwKCQH3AgAAAAwBJRPCNAH3AAAAAA
x-77-nzt-ray: c0a4cc28671f7ded6cb81e66227ab036
x-accel-expires: @1713289333
x-accel-date: 1713289273
x-77-cache: HIT
x-77-age: 53
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 51
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

188.166.239.88

200 OK

590 B

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/favicon.ico
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
590 B (590 bytes)
Hash
5374cea6aba95ea9c9e06d47579b75b1
b03d87e7ae57e1bb8fd71479f945c815176f4365
172140b451123d46b93c313060ed5521c625da8b8a4cd7fdb911230cc32be130

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/favicon.ico HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Apr 2024 02:30:25 GMT
etag: "237-615a0b463e991-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 590
content-type: image/x-icon
date: Tue, 16 Apr 2024 17:42:06 GMT
server: Apache
X-Firefox-Spdy: h2

login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/efdot-promo-card.png

188.166.239.88

200 OK

799 kB

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/efdot-promo-card.png
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
PNG image data, 1306 x 1308, 8-bit/color RGB, non-interlaced
Size
799 kB (799089 bytes)
Hash
e24a7bf24b58578855e9d91d3f0c0932
58a104d8c9fa8e6474ef8c8a6907908de72112ee
a16be0428775601895afc17f307b70b51dfed4f83877cce9ff450a506736887c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/efdot-promo-card.png HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Oct 2021 04:52:06 GMT
etag: "c3171-5cdbc0640a980"
accept-ranges: bytes
content-length: 799089
content-type: image/png
date: Tue, 16 Apr 2024 17:42:05 GMT
server: Apache
X-Firefox-Spdy: h2

login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/soul-promocard2.jpg

188.166.239.88

200 OK

833 kB

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/soul-promocard2.jpg
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 784x784, components 3
Size
833 kB (832867 bytes)
Hash
c3d61992a99d13a88fbabc41279607fb
7d2b4a60d0a8a8f4e79174316255d2da8eba6c35
69529491a63eba3579f525612047442a2325d99e903f535c9f2c3e1be6a1b791

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/soul-promocard2.jpg HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 07:16:40 GMT
etag: "cb563-5cd95cf94a600"
accept-ranges: bytes
content-length: 832867
content-type: image/jpeg
date: Tue, 16 Apr 2024 17:42:05 GMT
server: Apache
X-Firefox-Spdy: h2

login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/ISO50-1K-Promo.jpg

188.166.239.88

200 OK

708 kB

URL GET HTTP/2
login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/ISO50-1K-Promo.jpg
IP
188.166.239.88:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Certificate
IssuerLet's Encrypt
Subjectlogin-opensea.servebbs.net
Fingerprint2E:36:62:13:46:A7:E0:71:43:57:7F:2C:3D:0D:D2:27:58:9F:7A:A2
ValiditySun, 07 Apr 2024 20:46:27 GMT - Sat, 06 Jul 2024 20:46:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3
Size
708 kB (707497 bytes)
Hash
3261722aca230b17c05d617cfb3deb78
95acd2c8642a0da3a7f7a6006068a71cdccb6387
3e9fb6deb6f8813f00937fd4f37fe7060a717dd6135d143d1a93b873e7b22e79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/storage.opensea.io/static/promocards/ISO50-1K-Promo.jpg HTTP/1.1
Host: login-opensea.servebbs.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 07 Oct 2021 00:27:38 GMT
etag: "acba9-5cdb854723280"
accept-ranges: bytes
content-length: 707497
content-type: image/jpeg
date: Tue, 16 Apr 2024 17:42:05 GMT
server: Apache
X-Firefox-Spdy: h2

openseea.io-nft-marketplace.com/

0.0.0.0

0 B

URL GET
openseea.io-nft-marketplace.com/
IP
0.0.0.0:0
ASN
#0

Requested by
https://login-opensea.servebbs.net/login_challenge/ca42470ba56840cda424cab93c5489a7/drops/rankings/0a4af/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: openseea.io-nft-marketplace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login-opensea.servebbs.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by