# lineatoken.top — SUSPICIOUS > lineatoken.top is a brand impersonation site mimicking OKX. Detected by 0/95 VirusTotal engines. Avoid interaction immediately. ## Summary PhishDestroy identifies lineatoken.top as a newly registered domain actively impersonating the global cryptocurrency exchange OKX. This site poses a direct brand impersonation risk, specifically designed to deceive users into connecting crypto wallets and executing unauthorized token transfers. Security analysts classify this as a crypto drainer deployment under active investigation, with confirmed live infrastructure and zero VirusTotal detections at time of discovery. Users should treat this domain as hostile and refrain from any interaction until further notice. The site leverages the reputation of OKX to trick visitors into authorizing malicious wallet transactions that transfer funds to attacker-controlled addresses. This is not a theoretical threat — it is a live operational campaign targeting crypto users through brand abuse and domain spoofing. This domain was flagged through automated threat monitoring on August 06, 2025, the same day it was created. Threat intelligence reveals it resolves to IP address 45.12.2.67 and uses a Let's Encrypt SSL certificate for credibility. It is registered through NameSilo, LLC, a domain registrar known for low-friction registrations that are frequently abused in phishing and impersonation campaigns. VirusTotal scanning at time of discovery returned 0 detections out of 95 engines, indicating it remains undetected by most antivirus and security platforms. The domain name lineatoken.top closely mimics legitimate crypto token naming conventions, increasing the likelihood of accidental visits from users expecting OKX-related services. If you visited lineatoken.top, do not connect any cryptocurrency wallets or enter any credentials. Disconnect immediately and revoke any wallet connections through your wallet’s dApp browser settings or official wallet application. Scan your device with updated antivirus software and consider rotating all private keys or using a new wallet address if you authorized any connections. Report the domain to your security team and to the legitimate brand being impersonated (OKX) via their official phishing reporting channels. Monitor your wallet and transaction history for unauthorized transfers. Never rely solely on SSL indicators — lineatoken.top uses a valid Let’s Encrypt certificate, yet remains a confirmed impersonation site. Stay vigilant, verify domains carefully, and always access crypto platforms directly through official URLs or bookmarks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: OKX ## Domain Intelligence - Registered: 2025-08-06 21:01:20 - Registrar: NameSilo, LLC - IP: 45.12.2.67 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/lineatoken.top - PhishDestroy: https://phishdestroy.io/domain/lineatoken.top/ - LLM endpoint: https://phishdestroy.io/domain/lineatoken.top/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/lineatoken.top/ Last updated: 2026-04-06