# uphold-login-accounyt.webflow.io — MALICIOUS

> The domain uphold-login-accounyt.webflow.io is linked to high-risk credential phishing. Avoid entering personal info and stay alert to protect your accounts.

## Summary
PhishDestroy has identified uphold-login-accounyt.webflow.io as a credential phishing domain designed to deceive users into revealing sensitive login information. Credential phishing remains a significant threat because attackers leverage stolen credentials to gain unauthorized access to financial accounts, identity theft, and further cybercrime activities. Users must remain vigilant as phishing sites often mimic legitimate services to lure victims.

Analysis of this domain reveals it was created recently on March 7, 2026, and currently resolves to IP address 172.64.151.8. According to VirusTotal, 19 out of 95 security vendors detected malicious activity tied to this domain, and it also appears on two security blocklists. While the domain is presently offline, it previously displayed a '404 - Page not found' error page, which could indicate an attempt to mask or disrupt detection efforts. The domain’s association with Webflow hosting suggests attackers used popular platforms to reduce suspicion.

Users are strongly advised not to interact with uphold-login-accounyt.webflow.io or provide any credentials if prompted. Always verify URLs carefully before entering sensitive data, especially for financial services. Employ multifactor authentication wherever possible and maintain updated security software to mitigate risks. If you suspect your credentials have been compromised, change passwords immediately and monitor your accounts for unauthorized activity.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Page title: 404 - Page not found

## Domain Intelligence
- Registered: 2026-03-07 13:07:01
- IP: 172.64.151.8
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "DNS8", "ESET", "Emsisoft", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "OpenPhish", "Phishtank", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://i.ibb.co/d4hyDRFY/c9100ebe729a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2819211e-64c9-4a57-9849-f5bbb8f0d25e
- Wayback Machine: https://web.archive.org/web/https://uphold-login-accounyt.webflow.io
- PhishDestroy: https://phishdestroy.io/domain/uphold-login-accounyt.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/uphold-login-accounyt.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/uphold-login-accounyt.webflow.io/
Last updated: 2026-03-19