# divace-ondeck-uphold.pages.dev — MALICIOUS

> Beware of divace-ondeck-uphold.pages.dev, a high-risk phishing domain now offline. Learn how it targets users and what to do to stay safe.

## Summary
PhishDestroy identifies divace-ondeck-uphold.pages.dev as a high-risk generic phishing domain targeting unsuspecting users. This domain was flagged for social engineering tactics designed to steal sensitive information, posing significant risks to individuals and organizations. Its ability to mimic legitimate services increases the likelihood of successful credential theft or financial fraud.

The domain was registered through Cloudflare, Inc. and was created on February 21, 2026. Although now taken offline, it was detected on three separate security blocklists and flagged by Google Safe Browsing under the category of SOCIAL_ENGINEERING. VirusTotal analysis shows that 13 out of 95 security vendors identified the domain as malicious, highlighting broad consensus on its dangerous nature. The infrastructure leveraged Cloudflare’s hosting, which can sometimes complicate detection and takedown efforts.

Users are strongly advised to avoid interacting with any communications or websites related to divace-ondeck-uphold.pages.dev. Do not enter personal or financial details on suspicious pages, and verify URLs carefully before clicking. Employ updated antivirus software and enable multi-factor authentication where possible to reduce exposure. Reporting phishing attempts to IT security teams or relevant authorities can help mitigate potential harm from this domain or similar campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.223
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["stella.ns.cloudflare.com", "todd.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2d6b-26bf-77e2-becd-b1038cc7f9d5.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/99de1386-a49f-43ae-a28f-2ce611a09b65
- PhishDestroy: https://phishdestroy.io/domain/divace-ondeck-uphold.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/divace-ondeck-uphold.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/divace-ondeck-uphold.pages.dev/
Last updated: 2026-03-19