# start-ledge-e-ng.pages.dev — MALICIOUS

> start-ledge-e-ng.pages.dev is a credential harvesting phishing domain with 15/95 detections. Check the full report.

## Summary
PhishDestroy identifies start-ledge-e-ng.pages.dev as an active credential harvesting domain posing an elevated risk to users. This domain, registered through Cloudflare, Inc., is currently leveraging Google Trust Services SSL certificates to impersonate legitimate services while exfiltrating sensitive authentication data. The infrastructure, resolving to IP 188.114.96.3, is actively engaged in phishing operations designed to trick victims into surrendering login credentials under false pretenses.

This domain was flagged by 15 out of 95 security vendors on VirusTotal, indicating widespread recognition of its malicious nature within the threat intelligence community. Registered via Cloudflare’s infrastructure, it operates from IP 188.114.96.3 and benefits from a Google Trust Services SSL certificate, which may lend false legitimacy to its fraudulent activities. The domain’s presence on multiple blocklists, combined with its low trust scores across security platforms, further underscores its malicious intent.

Users should avoid interacting with start-ledge-e-ng.pages.dev entirely, as it is confirmed to harvest credentials through deceptive landing pages. Organizations are advised to block access to the domain at the network perimeter and update firewall rules to prevent outbound connections to IP 188.114.96.3. Additionally, users who may have entered credentials should immediately rotate passwords and enable multi-factor authentication on all affected accounts. Security teams should monitor for any signs of lateral movement or unauthorized access linked to this domain’s infrastructure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/db8249ea-2933-49c0-9a9d-d3c4b60cf54a
- PhishDestroy: https://phishdestroy.io/domain/start-ledge-e-ng.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/start-ledge-e-ng.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/start-ledge-e-ng.pages.dev/
Last updated: 2026-03-24