# jumps.exchange — MALICIOUS

> jumps.exchange posed a medium phishing risk. Avoid interacting with it and report suspicious links to stay safe online.

## Summary
PhishDestroy identifies jumps.exchange as a medium-risk phishing domain primarily involved in generic phishing activities. The domain was designed to deceive users by mimicking legitimate services, as indicated by its page title referencing "imToken | Jumper." The medium risk level reflects its potential to harvest credentials or sensitive information but without evidence of highly targeted or sophisticated attacks.

Supporting evidence includes the domain resolving to IP address 216.198.79.1 and being registered through Vercel Inc., a common hosting provider. jumps.exchange appeared on two security blocklists and was flagged by 9 out of 95 security vendors on VirusTotal, indicating a credible threat presence. These detections suggest that multiple security tools recognized malicious or suspicious behavior associated with this domain. However, the domain is currently offline, reducing immediate risk.

To mitigate risks, users should avoid visiting jumps.exchange or interacting with any communications referencing it. Reporting phishing attempts helps strengthen collective defenses. PhishDestroy notes that the domain has been taken offline, which significantly limits its operational threat. Nonetheless, users and organizations should remain vigilant for potential reactivation or similar phishing campaigns leveraging related infrastructure or branding.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: imToken | Jumper

## Domain Intelligence
- Registrar: Vercel Inc.
- Country: US
- IP: 216.198.79.1
- IP Org: Cloudflare CDN
- Nameservers: eugene.ns.cloudflare.com iris.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 9 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199c5d4-156d-70d5-b4cb-be1c070bd450.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/84706110-e2ad-4e4d-ae0c-8396b7c499e4
- PhishDestroy: https://phishdestroy.io/domain/jumps.exchange/
- LLM endpoint: https://phishdestroy.io/domain/jumps.exchange/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jumps.exchange/
Last updated: 2026-03-19