# jup-ag-jupiter.cc — SUSPICIOUS

> Warning about jup-ag-jupiter.cc, a phishing domain impersonating Jupiter. Currently offline but previously flagged on security blocklists.

## Summary
PhishDestroy identifies jup-ag-jupiter.cc as a medium-risk domain engaged in brand impersonation targeting the Jupiter brand. This threat exploits trust in the legitimate Jupiter name to potentially deceive users.

The domain jup-ag-jupiter.cc was registered on February 21, 2026, through NiceNIC International Group Co., Limited. It resolves to IP address 188.114.96.3 and was found on two security blocklists. Additionally, VirusTotal analysis shows 4 out of 95 security vendors flagged this domain, supporting suspicions of malicious activity. Despite its threat profile, the domain currently returns a “404 Not Found” page and is offline.

Given its offline status, immediate risk to users is reduced; however, caution is advised if this domain reappears. Users and organizations should maintain vigilant email and web protections, update blocklists, and verify URLs carefully before interacting with sites claiming to represent Jupiter. PhishDestroy continues monitoring the domain for any changes in activity.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: Jupiter
- Page title: 404 Not Found

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["terry.ns.cloudflare.com", "ximena.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["alphaMountain.ai", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/01996776-ee83-7018-b43a-2734646c2dae.png
- PhishDestroy: https://phishdestroy.io/domain/jup-ag-jupiter.cc/
- LLM endpoint: https://phishdestroy.io/domain/jup-ag-jupiter.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jup-ag-jupiter.cc/
Last updated: 2026-03-19