# home-upholld-log.pages.dev — MALICIOUS

> home-upholld-log.pages.dev is a confirmed phishing site flagged for social engineering. Learn how it operates and what to do if exposed.

## Summary
PhishDestroy identifies home-upholld-log.pages.dev as a high-risk phishing domain designed to deceive users into revealing sensitive information. This site has been flagged for social engineering by Google Safe Browsing and is listed on multiple security blocklists, signaling a significant threat to online safety.

This phishing campaign operates by mimicking legitimate web pages to trick visitors into entering personal data or login credentials. The domain was created recently and resolves to an IP associated with Cloudflare, which was used to host the malicious content. Although the domain is currently offline, users who encountered it may have been targeted to steal confidential details for fraudulent purposes.

If you visited home-upholld-log.pages.dev, it is critical to avoid entering any information and to run a full scan on your devices for malware. Change passwords immediately for any accounts that might have been compromised and monitor financial statements for unauthorized activity. Reporting the incident to your IT department or a cybersecurity professional can help mitigate potential damage.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.84
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ivy.ns.cloudflare.com", "dom.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2da9-02d2-71f8-8066-b1ccbf538da5.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/987d610d-ba06-4110-b7ff-bc4d83f48688
- PhishDestroy: https://phishdestroy.io/domain/home-upholld-log.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/home-upholld-log.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-upholld-log.pages.dev/
Last updated: 2026-03-19