OpenSea phishing domains

Newly registered lookalikes - tracked daily

OpenSea phishing domains

Newly registered lookalikes - tracked daily

Tracked (7d)

New (24h)

vs avg

—

Website: opensea.io
About: AINFT marketplace phishing. Wallet-drain pages targeting users to sign malicious transactions or list NFTs at unexpected prices.
TLDs: .cfd (1) · .xyz (1) · .com (1)
Hosts: Amazon.com, Inc. (1)
Countries: United States (1)

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

Last check (UTC)	First seen (UTC) ▾	URL	Details
2026-06-09 01:45	2026-06-09 01:45	https://opensea.cfd	Details
2026-06-05 02:43	2026-06-05 02:43	https://openseam.xyz	Details
2026-06-04 02:42	2026-06-04 02:42	https://openseatin.com	Details

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

URL	Screenshot	Details
https://opensea.cfd		Details
https://openseam.xyz		Details
https://openseatin.com		Details

AIHow to verify a real OpenSea URL

Legitimate OpenSea URLs always end in opensea.io (e.g. www.opensea.io, account.opensea.io). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not OpenSea.
The domains listed above were registered within the last 7 days. New-domain age is itself a signal — OpenSea has owned opensea.io for years; brand-new look-alikes are almost never legitimate.
If you got the link from email, SMS, or social media, do not click it. Open opensea.io from your browser bookmark or type the domain manually.
Real OpenSea pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.