# up-hold-log-in.pages.dev — MALICIOUS

> The domain up-hold-log-in.pages.dev is flagged for phishing. Avoid entering personal info and ensure your accounts stay secure.

## Summary
PhishDestroy identifies up-hold-log-in.pages.dev as a high-risk phishing domain designed to deceive users into revealing sensitive information. This site poses a significant threat by mimicking legitimate login pages to trick visitors, putting their personal and financial data at risk.

This phishing scheme typically works by presenting a fake login interface that appears authentic, encouraging users to input credentials such as usernames, passwords, or even payment details. The domain was registered recently and flagged by Google Safe Browsing for social engineering, with multiple security vendors detecting suspicious activity. Although currently offline, the domain was hosted on Cloudflare and appeared on security blocklists.

If a user has visited this site, they should immediately change any credentials entered and monitor their accounts for unauthorized activity. Running a security scan and enabling multi-factor authentication on affected accounts can further reduce risk. Users should remain vigilant and avoid clicking suspicious links or entering information on untrusted domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.243
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ruben.ns.cloudflare.com", "diva.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a7d42-cfd5-73af-91fe-dd5832fb197c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1e1dbed9-2965-4776-8a64-1e28bb0d625e
- PhishDestroy: https://phishdestroy.io/domain/up-hold-log-in.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/up-hold-log-in.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/up-hold-log-in.pages.dev/
Last updated: 2026-03-19