# access-uphold-secure-login.pages.dev — MALICIOUS

> Access-uphold-secure-login.pages.dev is identified as a high-risk phishing domain. Avoid entering credentials and stay vigilant against scams.

## Summary
PhishDestroy identifies access-uphold-secure-login.pages.dev as a credential phishing domain designed to deceive users into submitting sensitive login information. Classified under social engineering threats, this domain mimics legitimate services to harvest credentials, posing a significant risk to user security. The domain was registered recently on February 21, 2026, which aligns with typical patterns of malicious short-lived phishing sites.

Technical analysis reveals that the domain resolves to the IP address 172.66.47.162, associated with Cloudflare infrastructure, a common tactic to leverage reputable hosting for evasion. It appears on three separate security blocklists and has been flagged by Google Safe Browsing for social engineering, reinforcing its malicious intent. VirusTotal detection rates indicate that 14 out of 95 security vendors identified the domain as suspicious, further corroborating the threat. The page title encountered during investigation read "Suspected phishing site | Cloudflare," indicating active warnings during the domain’s operation.

Currently, access-uphold-secure-login.pages.dev is offline following takedown efforts, reducing immediate risk to users. PhishDestroy recommends continued vigilance, as threat actors often register similar domains to perpetuate phishing campaigns. Users should avoid interacting with this domain and report any suspicious email or message directing them to such URLs. Monitoring for related domains and applying updated blocklists remain essential preventive measures.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.162
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["yolanda.ns.cloudflare.com", "mitch.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2f39-66b7-7588-bea8-c08aeb390bed.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7ffe6532-b238-4fa3-a279-7f88dd4ddd79
- PhishDestroy: https://phishdestroy.io/domain/access-uphold-secure-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/access-uphold-secure-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/access-uphold-secure-login.pages.dev/
Last updated: 2026-03-19