# getjup.xyz — MALICIOUS

> getjup.xyz is linked to potential phishing risks. Stay cautious and avoid sharing personal info if you encounter this domain.

## Summary
PhishDestroy identifies getjup.xyz as an active generic phishing domain posing a medium-level risk to internet users. The domain is associated with deceptive tactics designed to trick victims into divulging sensitive information. Although not among the highest severity threats, its presence warrants caution due to ongoing phishing activity. Users should remain vigilant when interacting with unsolicited messages referencing this domain.

The infrastructure behind getjup.xyz includes resolution to IP address 172.67.172.48 and registration through Sav.com, LLC. The domain was created recently on March 05, 2026, indicating a relatively new threat actor presence. VirusTotal analysis flags the domain by 7 out of 95 security vendors, and it appears on one security blocklist, confirming a degree of suspicion around its operations. These technical indicators reinforce the concern that getjup.xyz is leveraged for malicious purposes.

Currently, getjup.xyz remains active and continues to pose risks in phishing campaigns. PhishDestroy recommends users avoid clicking on links associated with this domain and exercise caution with emails or messages from unknown sources referencing it. Organizations should consider adding getjup.xyz to internal blocklists and educate users about recognizing phishing attempts. Ongoing monitoring is essential to track changes in the threat and ensure timely defensive actions.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Crypto Tools

## Domain Intelligence
- Registered: 2026-03-06 21:07:02
- Registrar: Sav.com, LLC
- Country: US
- IP: 172.67.172.48
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["arturo.ns.cloudflare.com", "venus.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "G-Data", "Kaspersky", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc48e-abbf-7098-b899-7283f282a3b7.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/71cebf91-309a-4d23-a9a2-e9af45e9c2cc
- Wayback Machine: https://web.archive.org/web/https://getjup.xyz
- PhishDestroy: https://phishdestroy.io/domain/getjup.xyz/
- LLM endpoint: https://phishdestroy.io/domain/getjup.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/getjup.xyz/
Last updated: 2026-03-19