# allocation.jup-advanced.com — MALICIOUS

> allocation.jup-advanced.com is a high-risk phishing site impersonating Jupiter. Avoid interaction and report suspicious activity immediately.

## Summary
PhishDestroy identifies allocation.jup-advanced.com as a high-risk phishing domain actively impersonating the Jupiter brand. The site uses deceptive branding, including a page titled "Portfolio | Jupiter," to lure users into believing it is an official platform. This tactic aims to steal sensitive information such as login credentials or financial data by exploiting user trust in the legitimate Jupiter brand.

The domain allocation.jup-advanced.com was registered recently on February 21, 2026, and resolves to the IP address 172.67.210.16. It is currently active and appears on three separate security blocklists, indicating a consensus among security providers regarding its malicious nature. Additionally, 13 out of 95 security vendors flagged this domain on VirusTotal, further corroborating its potential threat. The domain’s infrastructure suggests it is part of a coordinated phishing campaign targeting users familiar with the Jupiter brand.

Given its active status and high-risk classification, users and organizations are strongly advised to avoid visiting allocation.jup-advanced.com. Security teams should consider blocking the domain on network firewalls and email filters to prevent accidental access. Users suspecting they have interacted with this site should promptly change affected credentials and monitor accounts for suspicious activity. PhishDestroy continues to monitor this domain for any changes in behavior or infrastructure to provide timely updates to the security community.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Jupiter
- Page title: Portfolio | Jupiter

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 172.67.210.16
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b9f72-5bba-7763-bb41-484ff5398adf.png
- PhishDestroy: https://phishdestroy.io/domain/allocation.jup-advanced.com/
- LLM endpoint: https://phishdestroy.io/domain/allocation.jup-advanced.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/allocation.jup-advanced.com/
Last updated: 2026-03-19