DANGEROUS

Crypto scam / wallet-drainer

Domain is only 72 days old. Signals match fake investment platforms and wallet drainers. Never connect a wallet, paste a seed phrase, or deposit crypto here.

Security Review

Is m.lighterde.top legit or a scam?

Our verdict:Dangerous· 16/100

Fake Lighter DEX clone on a 72-day-old domain pushing a $70k daily airdrop to drain wallets.

m.lighterde.topScanned 1h ago
0
Trust score
DANGEROUS
Score breakdown
Heuristics 19·MT 15
Screenshot of m.lighterde.topSee the live page ↓
Category tags
cryptophishing#crypto fraud#clone site#airdrop drainer90% MT confidence
Technical red flags (2)
Domain is 72 days oldScam-network signals (40/100)
Positive signals (4)
Antivirus clearNot on major blacklistsEncrypted connectionClean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
72 days old
Registered Apr 27, 2026
Intelligence
Dangerous
High likelihood · 90% confidence

Website Preview

Screenshot of m.lighterde.top
LIVE RENDER
m.lighterde.top

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

85
/ 100
Critical visual risk

Visual red flags detected in the screenshot

The site uses a generic cryptocurrency exchange template designed to lure users with promises of large daily airdrops and high-return futures trading. The lack of identifiable branding combined with high-value financial incentives is a common pattern for fraudulent investment platforms.

Visual risk85/100

What our vision model saw

6 signals

Prominent banner advertising a 'Daily Airdrop' of over $70,000 to entice users

Generic cryptocurrency exchange interface lacking unique branding or company name

Use of high-pressure financial incentives like 'Futures Benefits' and 'Daily Distribution'

Layout mimics the mobile application interface of major exchanges like MEXC or Binance

Presence of 'Loan' and 'IEO' icons which are common features in fraudulent crypto platforms

Unprofessional design with generic icons and a lack of verifiable corporate information

Intelligence

Advanced threat intelligence
Analysis
High scam likelihoodengineMT · Guardiantrust15/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The page title reads 'Lighter Dex' and the layout copies the mobile interface of the legitimate lighter.xyz exchange. Visual analysis shows prominent 'Daily Airdrop' banners and futures-trading promises that match known crypto-drainer patterns. The domain m.lighterde.top was registered only 72 days ago through Gname.com with privacy protection and has no business registration on file. Three independent sources already flag near-identical domains as phishing clones of the same project. No contact details, company address, or verifiable corporate information appear anywhere on the page. The combination of recent registration, cloned branding, and high-pressure financial incentives points to a wallet-draining operation.
Full dossier
Analysis complete

Page Content

The page displays a generic cryptocurrency exchange interface titled 'Lighter Dex' with no unique branding or company identifiers. A prominent banner advertises a 'Daily Airdrop' exceeding $70,000, alongside icons for 'Loan', 'IEO', and 'Futures Benefits'. No email address, phone number, or physical address is present anywhere on the site.

Infrastructure

The site loads from IP 104.21.63.23 with a clean abuse score and no prior reports. SSL is valid from Let's Encrypt with 76 days remaining. The only external domain loaded is static.cloudflareinsights.com. No login forms or wallet-connect prompts were detected in the initial scan, though the visual layout strongly suggests Web3 wallet interaction is the intended next step.

Domain History

The domain m.lighterde.top was registered 72 days ago on 2026-04-28 through Gname.com Pte. Ltd. with full privacy protection. No business registration records exist for the domain or its parent. The .top TLD is frequently abused by scam operators.

Web Reputation

Our antivirus network returned zero detections. However, three external sources document near-identical domains (lihgter-dex.xyz, app.lighter-dex.mom) as phishing clones of the real Lighter DEX project. Scam report aggregators assign the domain a trust score of 0/100, citing recent registration and hidden ownership. No positive reviews or legitimate business mentions were located.

What this means for you

Do not connect any wallet or enter credentials. The site is a documented clone pattern designed to steal cryptocurrency through fake airdrop or trading interfaces.

Risk Factors
5
  • Domain registered only 72 days ago with privacy-protected WHOIS.
  • Exact visual clone of legitimate lighter.xyz exchange with added fake airdrop lure.
  • Three independent sources already flag near-identical domains as phishing clones.
  • No business registration, contact details, or verifiable company information present.
  • High-pressure financial incentives ($70k daily airdrop) with no legitimate backing.
AI Recommendation
Do not visit the site or connect any wallet. If you already interacted with it, revoke approvals immediately through your wallet settings.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for m.lighterde.top, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Clones lighter.xyz
The page impersonates a well-known brand's site.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
3 scam reports
Key findings
7 headline facts from open-web research
  • Domain m.lighterde.top registered 2026-04-28 (72 days old as of July 2026)
  • ScamAdviser lists trust score 0/100; notes recent registration, hidden WHOIS owner (REDACTED FOR PRIVACY, GB address listed), low traffic, and iframe usage
  • Official Lighter DEX site is lighter.xyz / app.lighter.xyz (ZK rollup perp DEX on Ethereum with LIT token)
  • Multiple documented phishing clones of Lighter DEX exist (e.g., lihgter-dex.xyz flagged as scam mimicking app.lighter.xyz; app.lighter-dex.mom flagged as phishing)
  • No Trustpilot, ScamDoc, or direct user scam reports/complaints specifically naming m.lighterde.top found
  • Page title 'Lighter Dex' matches branding of the legitimate project; no other brand references detected
  • No positive reviews, business filings, or social media mentions of the exact subdomain located
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • ScamAdviseropen

    "m.lighterde.top has a slightly low trust score. ... This website has only been registered recently. ... This website is being iframed by another website. ... In summary, we checked m.lighterde.top and we are unsure if the website is legit."

  • PCRiskopen

    "We have examined the website (lihgter-dex[.]xyz) and found that it mimics the Lighter site, app.lighter.xyz. Fraudsters behind the fake page aim to trick visitors into taking steps that can lead to cryptocurrency theft."

  • PhishDestroyopen

    "PhishDestroy identifies app[.]lighter-dex[.]mom as a medium-risk phishing domain designed to mimic legitimate cryptocurrency trading platforms."

Impersonation / typosquat
Clone of lighter.xyz

Domain name 'lighterde.top' closely resembles 'Lighter DEX' branding of official lighter.xyz (app.lighter.xyz); multiple similar fake domains (lihgter-dex.xyz, lighter-dex.mom) documented as phishing clones of the same project

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Scam report databases list m.lighterde.top with a trust score of 0/100, noting recent registration and hidden ownership. PCRisk documented a near-identical domain (lihgter-dex.xyz) as a phishing clone of app.lighter.xyz designed to steal cryptocurrency. PhishDestroy flagged another variant (app.lighter-dex.mom) as a medium-risk phishing domain mimicking legitimate trading platforms. No positive reviews, business filings, or user complaints specifically naming this subdomain were located.

Domain Timeline

  1. Apr 27, 2026
    Domain registered

    First appeared in WHOIS records — 2 months old today.

  2. Jul 9, 2026
    Latest security review — Flagged as dangerous

    This scan re-ran every check; the current findings are detailed above.

m.lighterde.top was registered very recently and is already flagged. Freshly-registered domains are disproportionately used for scams, and a young domain with active threat signals warrants extra caution.

Threat Detection

Scam Network

Cross-site correlation

This site shares signals with a broader cluster

High correlation

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Evidence confirms this site is a clone of lighter.xyz.
  • Short name on low-trust .top TLD — over-represented on scam farms.
Linked signals (2)
Clone of lighter.xyzPattern · LOW Trust TLD

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious57Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗

Scam-Type Likelihood

1 scam-type patterns detected
Scam-Type Likelihood

1 of 14 categories showed signals

We check every URL against 14 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Crypto Fraud
Crypto Fraud
Moderate likelihood
45/100
  • AI analyst tagged this as crypto fraud / wallet-drainer.
  • AI analyst tagged this as an airdrop / drainer.

Technical Details

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Domain History
Age72 days old
RegistrarGname.com Pte. Ltd.
RegisteredApr 27, 2026
ExpiresApr 27, 2027
Owner privacyHidden
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · YE1
ExpiresSep 24, 2026 (76d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS
Web servercloudflare

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

What to do

Crypto scam / wallet-drainer indicators

The page shows patterns common to crypto-investment scams, fake airdrops, and wallet drainers.

  • Do not interact with m.lighterde.top

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Never paste your seed phrase anywhere

    Legitimate wallets, exchanges and support staff will never ask for your 12/24-word recovery phrase. Typing it into any website — even one that looks real — gives attackers full access to your funds.

  • If you already connected a wallet

    Revoke token approvals immediately using revoke.cash or Etherscan's Token Approvals tool. Move remaining funds to a fresh wallet (new seed phrase). Assume the original wallet is compromised.

  • Report the wallet and URL

    File a report at IC3 (FBI Internet Crime Complaint Center) or your country's cybercrime portal. Recovery is unlikely, but reports help law enforcement map the network.

    Open

Safer Alternatives

Trying to handle crypto? Use a safe option instead

Dealing with crypto? Use a regulated, well-established exchange rather than an unknown site — and never connect your wallet or enter a seed phrase on a page you can't verify.

Suggestions for safety only — not endorsements. Always verify the address bar before signing in or paying, even on well-known sites.

Final Verdict

0
Trust / 100
Final Verdict·m.lighterde.top
DANGEROUS

This is a fake Lighter DEX crypto trading site. The 72-day-old domain clones the real lighter.xyz project and advertises a $70,000 daily airdrop to lure users into connecting wallets.

Do not visit the site or connect any wallet. If you already interacted with it, revoke approvals immediately through your wallet settings.

AV engines
92
Domain age
72 days
Flagged
0
Scan another URL
Security review completemalwaretips.com/url-scan

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags m.lighterde.top as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — m.lighterde.top scored 16/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. m.lighterde.top presents a valid TLSv1.3 certificate issued by Let's Encrypt · YE1, expiring in 76 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • m.lighterde.top is 2 months old, registered on 4/27/2026 through Gname.com Pte. Ltd.. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 92 antivirus engines in our malware network report m.lighterde.top as clean.
  • No. m.lighterde.top is not currently listed on the major browser blocklist feeds that modern browsers use.
  • m.lighterde.top resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on July 9, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around m.lighterde.top have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.
Recently scanned

Other Dangerous reports

Browse all reports
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.