# upholedlogin.pages.dev — MALICIOUS

> upholedlogin.pages.dev is a high-risk credential phishing domain. Avoid entering personal info; the site is now offline but was flagged by multiple security.

## Summary
PhishDestroy identifies upholedlogin.pages.dev as a credential phishing threat designed to steal sensitive login information. Credential phishing remains a critical issue because it enables attackers to gain unauthorized access to personal and financial accounts, leading to identity theft and financial loss. This domain posed a high risk to users attempting to access it.

The domain upholedlogin.pages.dev was registered on February 21, 2026, through Cloudflare, Inc. It was quickly flagged by several security blocklists and detected by 14 out of 95 security vendors on VirusTotal. Although the domain is currently taken offline, its presence on multiple blocklists indicates a well-crafted phishing infrastructure aimed at deceiving users.

Users are strongly advised not to visit or submit any credentials to upholedlogin.pages.dev. If any personal information was entered, it is crucial to change passwords immediately and monitor accounts for suspicious activity. Staying vigilant and verifying domain authenticity before entering login details can prevent falling victim to similar phishing attempts in the future.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.70
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["chan.ns.cloudflare.com", "corey.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019aa75f-b9d9-75cc-b8cb-4cff80ae4f95.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/11207ffc-2225-4d05-92a3-3ac68a7a9555
- PhishDestroy: https://phishdestroy.io/domain/upholedlogin.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/upholedlogin.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/upholedlogin.pages.dev/
Last updated: 2026-03-19