# lineamoon.fun — SUSPICIOUS

> lineamoon.fun impersonates Linea to deploy crypto drainers. 1/95 security tools flagged it—verify sites with PhishDestroy before use.

## Summary
PhishDestroy identifies lineamoon.fun as a High-risk brand impersonation site actively masquerading as Linea to deploy crypto drainers.

This domain was flagged with a 1/95 detection ratio on VirusTotal, confirming its malicious nature. It resolves to IP 64.29.17.65 and is registered via HOSTINGER operations, UAB. The site remains active with no current blocklist presence, indicating it is a fresh or evasive campaign.

To mitigate risk, avoid interacting with any Linea-branded links or sites. Verify URLs using PhishDestroy’s real-time scanner before trusting them. If you suspect exposure, revoke any wallet connections immediately and scan for unauthorized transactions. Exercise caution with unsolicited Linea-themed communications or airdrop offers, as they may lead to drainer scripts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP ?)
- Target brand: Linea

## Domain Intelligence
- Registrar: HOSTINGER operations, UAB
- IP: 64.29.17.65

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- PhishDestroy: https://phishdestroy.io/domain/lineamoon.fun/
- LLM endpoint: https://phishdestroy.io/domain/lineamoon.fun/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lineamoon.fun/
Last updated: 2026-03-26