# web--uphol-com.pages.dev — MALICIOUS

> web--uphol-com.pages.dev was flagged for phishing with social engineering risks. Stay alert and avoid this domain. Learn more and protect yourself.

## Summary
PhishDestroy identifies web--uphol-com.pages.dev as a high-risk phishing domain that was recently taken offline. This site posed significant danger by attempting to trick users into revealing sensitive personal or financial information through deceptive tactics. Such phishing sites often mimic legitimate services to exploit user trust.

This phishing campaign utilized a Cloudflare-hosted subdomain created in early 2026. The domain was reported by multiple security sources, including Google Safe Browsing, which classified it under social engineering threats. The site likely employed fake login pages or forms to harvest credentials, exploiting unsuspecting visitors who followed links or emails directing them to the fraudulent webpage.

If you have visited this domain, it is critical to immediately check your accounts for unusual activity and change passwords where appropriate. Avoid clicking on links from unknown sources or unsolicited communications. Utilizing security tools such as antivirus software and enabling multi-factor authentication can also help mitigate risks from similar phishing attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.182
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["rosalie.ns.cloudflare.com", "bryce.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019af3b7-2b0e-744f-aa34-c229d454d2d7.png
- PhishDestroy: https://phishdestroy.io/domain/web--uphol-com.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/web--uphol-com.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web--uphol-com.pages.dev/
Last updated: 2026-03-19