# sso-lezrr-desk-io.pages.dev — MALICIOUS

> PhishDestroy identifies sso-lezrr-desk-io.pages.dev as a crypto drainer phishing domain flagged by 13 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies the domain sso-lezrr-desk-io.pages.dev as hosting an active crypto drainer phishing campaign, currently in operation. This threat mimics legitimate authentication portals to deceive users into connecting crypto wallets or submitting credentials, which are then drained by attackers. The infrastructure is designed to exploit trust in cloud-hosted services, specifically leveraging Cloudflare Pages to host malicious content under a plausible domain structure.


This domain was flagged by 13 of 95 VirusTotal security vendors, indicating significant malicious activity. Registered through Cloudflare, Inc., the domain resolves to IP address 188.114.97.3. It holds a Google Trust Services SSL certificate, despite its malicious nature. Google Safe Browsing has classified this domain under the SOCIAL_ENGINEERING category, further confirming its deceptive intent. The domain was created recently and is actively being used to target users in phishing operations.


The current status of sso-lezrr-desk-io.pages.dev remains active, posing a high risk to users who may interact with it. PhishDestroy strongly recommends avoiding any interaction with this domain, including clicking links or entering credentials. Users should verify the legitimacy of any unexpected authentication requests or wallet connection prompts by cross-referencing official sources. Employ multi-factor authentication (MFA) and hardware wallets where possible to mitigate risks. Block this domain and IP at the network level to prevent further exposure. Report any encounters with this domain to PhishDestroy for further analysis and community protection.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cd3942e4-d98c-4dab-bc23-6af77ee01d82
- PhishDestroy: https://phishdestroy.io/domain/sso-lezrr-desk-io.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sso-lezrr-desk-io.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sso-lezrr-desk-io.pages.dev/
Last updated: 2026-03-31