# tokenpocket.to — MALICIOUS

> Exercise caution with tokenpocket.to, a suspicious phishing domain newly created and actively monitored for potential threats.

## Summary
PhishDestroy has identified tokenpocket.to as a potentially malicious domain linked to generic phishing activities. Registered recently on January 22, 2026, this domain is currently classified under investigation due to its suspicious nature and association with fraudulent schemes.

Technically, tokenpocket.to resolves to the IP address 172.67.209.82 and was registered through NameSilo, LLC, a known registrar. Despite no detections reported by VirusTotal at this time, the domain’s recent creation date and active status raise concerns. The domain has not yet appeared on common blocklists but remains flagged for closer monitoring given these indicators.

Currently, tokenpocket.to remains active and under scrutiny by cybersecurity analysts. PhishDestroy advises caution and recommends that users avoid interaction with this domain until further intelligence is available. The ongoing investigation aims to provide timely updates as more data emerges.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Target brand: OKX
- Page title: TokenPocket - Your secure crypto

## Domain Intelligence
- Registered: 2026-03-07 03:07:01
- Registrar: NameSilo, LLC
- Country: US
- IP: 172.67.209.82
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["norm.ns.cloudflare.com", "rosalie.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "G-Data", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/0VyCDFZx/36f6c3b4c648.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a0f9e0ee-dd08-4e6b-9909-5936cef261ed
- Wayback Machine: https://web.archive.org/web/https://tokenpocket.to
- PhishDestroy: https://phishdestroy.io/domain/tokenpocket.to/
- LLM endpoint: https://phishdestroy.io/domain/tokenpocket.to/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tokenpocket.to/
Last updated: 2026-03-19