# leder-live-se-desktop.pages.dev — SUSPICIOUS

> PhishDestroy identifies leder-live-se-desktop.pages.dev as a crypto drainer targeting unsuspecting users. VirusTotal shows 0/95 detections. Avoid this scam.

## Summary
PhishDestroy’s automated pipeline flagged leder-live-se-desktop.pages.dev for hosting a crypto-asset drainer kit that surreptitiously siphons tokens from infected wallets. The domain masquerades as a legitimate software update portal, coercing victims into connecting their wallets before delivering a malicious payload. No specific brand was impersonated in this campaign, indicating the actors are opportunistically distributing generic drainer code rather than a targeted brand spoof.  

Technical indicators confirm the threat: VirusTotal currently scores the page 0/95 detections, the domain was registered through Cloudflare, Inc., and it resolves to 172.66.46.253. Google’s Safe Browsing (GSB) has not yet flagged the domain, and historical WHOIS data indicates a recent creation date consistent with active abuse. These factors classify the site as a novel but escalating threat vector within the crypto-draining ecosystem.  

The domain remains active as of seed 654769, with PhishDestroy’s takedown request pending Cloudflare’s review. Users are advised to blacklist 172.66.46.253, disable auto-connect for unknown domains, and verify wallet connections via hardware-signed messages. Remaining risk is high until the page is deactivated, as drainer kits evolve to bypass browser-based defenses.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.253

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b13ceec8-5a46-4852-8a9a-bef11d6a6b0e
- PhishDestroy: https://phishdestroy.io/domain/leder-live-se-desktop.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leder-live-se-desktop.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leder-live-se-desktop.pages.dev/
Last updated: 2026-03-22