# start-ldger-e.pages.dev — MALICIOUS

> start-ldger-e.pages.dev is a verified crypto drainer flagged by 17 of 95 VirusTotal vendors. Protect your assets with real-time threat intelligence.

## Summary
PhishDestroy identifies start-ldger-e.pages.dev as an active crypto drainer site currently engaged in malicious operations. This domain is confirmed to be associated with unauthorized cryptocurrency fund extraction, posing an elevated risk to potential victims. The threat actor behind this infrastructure is actively leveraging deceptive tactics to trick users into connecting their wallets or entering sensitive credentials.  

This domain was flagged by 17 of 95 VirusTotal vendors, indicating widespread recognition of its malicious intent. It resolves to IP address 172.66.47.120 and operates under a Google Trust Services SSL certificate. Registered through Cloudflare, Inc., the domain’s infrastructure is designed for anonymity and rapid deployment, complicating traditional takedown efforts. The presence of a valid SSL certificate further masks its malicious nature, potentially deceiving security tools and end users alike.  

Given the confirmed status and elevated risk associated with start-ldger-e.pages.dev, immediate action is required. Users are strongly advised to avoid interacting with this domain and to review their transaction histories for any signs of unauthorized activity. Organizations should consider blocking this domain at the network level and updating threat intelligence feeds to include it. Security teams are encouraged to monitor for similar infrastructure and report any observed activity to relevant cybersecurity authorities for rapid mitigation.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.120

## Detection Status
- VirusTotal: 17 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/90f0df6b-57a6-4c88-b65e-ad7fc81849ab
- PhishDestroy: https://phishdestroy.io/domain/start-ldger-e.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/start-ldger-e.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/start-ldger-e.pages.dev/
Last updated: 2026-03-22