This NFT on OpenSea Will Steal Your IP Address
https://www.vice.com/en/article/xgdvaz/nft-steal-ip-address-opensea

>NFTs are usually passive affairs. A consumer buys the token, and then sells or stores the NFT. The NFT doesn’t really do anything.
>
>Some new NFTs are being used to harvest viewers’ IP addresses, though, in a demonstration of how NFT marketplaces like OpenSea allow vendors, or attackers, to load custom code when someone simply views an NFT listing.
>
>“We've been researching a lot of problems in the NFT space (with more of a focus on fraud) and one of the things we were playing around with was different XSS attacks on websites that display NFTs which is when I realized we could get OpenSea to load HTML pages,” Nick Bax, head of research at NFT organization Convex Labs, told Motherboard in an online chat. XSS refers to cross site scripting attacks, one of several different kinds of attack that someone could use an NFT for.
>...

Just say No to NFT's.