# upheld-login.wasmer.app — SUSPICIOUS

> The domain upheld-login.wasmer.app is an active credential theft threat targeting users. Flagged by 4 of 95 VirusTotal vendors, this site impersonates.

## Summary
The domain upheld-login.wasmer.app has been identified as an active credential theft threat currently targeting users through deceptive login pages. This malicious site operates by impersonating legitimate services to harvest sensitive authentication credentials from unsuspecting victims.

Security analysis reveals this domain is flagged by 4 of 95 VirusTotal security vendors, indicating confirmed malicious activity. The domain resolves to IP address 62.210.172.147, which has been associated with previous malicious campaigns. While specific registrar information and creation date are not provided in the current intelligence, the detection by multiple security vendors confirms the threat's legitimacy.

This credential theft operation remains active and poses immediate risk to users. PhishDestroy recommends immediate blocking of this domain at network and browser levels. Users should never enter credentials on this site and should verify legitimate service URLs before authentication. Organizations should update threat intelligence feeds with this domain to prevent employee access.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Page title: App Disabled

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 62.210.172.147
- Nameservers: alpha.ns.wasmernet.com beta.ns.wasmernet.com

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Emsisoft", "Fortinet", "Netcraft", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://i.ibb.co/7Jw7QxGc/8c32ba886f96.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a29914b3-a5be-4733-b1f6-62127a5ffaf2
- PhishDestroy: https://phishdestroy.io/domain/upheld-login.wasmer.app/
- LLM endpoint: https://phishdestroy.io/domain/upheld-login.wasmer.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/upheld-login.wasmer.app/
Last updated: 2026-03-19