# get-upheld-nav.pages.dev — MALICIOUS

> Caution: get-upheld-nav.pages.dev is a high-risk phishing domain now offline. Avoid interaction to prevent credential theft.

## Summary
PhishDestroy identifies get-upheld-nav.pages.dev as a high-risk generic phishing threat. The domain was registered recently and hosted content aiming to deceive users into revealing sensitive data.

This domain was created on February 21, 2026, and resolved to IP 172.66.47.66, registered through Cloudflare, Inc. It appeared on three prominent security blocklists and was flagged by 13 out of 95 VirusTotal scanners. The page title suggested a suspected phishing site, confirming malicious intent.

Currently, get-upheld-nav.pages.dev is offline and inaccessible. Users and organizations are advised to block this domain proactively and avoid any interaction with related URLs or communications.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.66
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ulla.ns.cloudflare.com", "koa.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2dad-a49f-7339-8b6f-9d80f339aacd.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7168fc14-14ae-49a2-949d-9547a6047c1b
- PhishDestroy: https://phishdestroy.io/domain/get-upheld-nav.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/get-upheld-nav.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/get-upheld-nav.pages.dev/
Last updated: 2026-03-19