# jup-ag-rewards.online — SUSPICIOUS

> PhishDestroy identifies jup-ag-rewards.online as a Jupiter brand impersonation phishing site. VT 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies jup-ag-rewards.online as an active brand impersonation phishing domain mimicking Jupiter’s rewards program. This low-effort but dangerous domain was registered on April 08, 2026 through NAMECHEAP INC and currently resolves to IP address 216.173.64.48. It operates under a recently issued Let’s Encrypt SSL certificate, which may lend false credibility to unsuspecting visitors. Notably, VirusTotal currently shows 0 out of 95 security engines detecting the threat, placing it in a blind spot for automated scanning tools. This lack of detection combined with the use of a legitimate registrar and trusted SSL provider highlights the sophistication of modern phishing campaigns, which increasingly blend into normal web traffic to evade detection.

This domain is categorized as a brand impersonation phishing site targeting users of Jupiter’s rewards platform. Technical indicators include registration through NAMECHEAP INC, domain creation on April 08, 2026, and hosting at IP 216.173.64.48 with a Let’s Encrypt certificate. Current intelligence shows zero detections on VirusTotal (0/95), indicating it remains under the radar of most automated defenses. The absence of entries on major blocklists such as PhishTank, OpenPhish, or Google Safe Browsing further reduces visibility. Trust scores are low due to the domain’s newness and lack of established reputation, compounded by its clear intent to deceive through Jupiter branding.

Users should avoid interacting with jup-ag-rewards.online entirely. If you receive an unsolicited email or message referencing this domain or Jupiter rewards, do not click any links or enter personal information. Verify any reward offers directly through Jupiter’s official website or app. Report this domain to your email provider, browser, and security tools. Domain owners and security teams are advised to block IP 216.173.64.48 and the domain at the network perimeter. This threat underscores the need for layered defenses, including user awareness training, email filtering, and real-time domain reputation checks using tools like PhishDestroy to identify emerging impersonation campaigns before they escalate.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Jupiter

## Domain Intelligence
- Registered: 2026-04-08 21:34:10
- Registrar: NAMECHEAP INC
- IP: 216.173.64.48

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/jup-ag-rewards.online
- PhishDestroy: https://phishdestroy.io/domain/jup-ag-rewards.online/
- LLM endpoint: https://phishdestroy.io/domain/jup-ag-rewards.online/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jup-ag-rewards.online/
Last updated: 2026-04-10