# jup-v3.pages.dev — SUSPICIOUS

> PhishDestroy warns: jup-v3.pages.dev is a fake Jupiter Exchange login page serving a crypto drainer. Verify any Jupiter links on PhishDestroy before entering.

## Summary
PhishDestroy identifies jup-v3.pages.dev as an ACTIVE fake Jupiter Exchange website distributing a crypto drainer Trojan. The threat is MEDIUM-HIGH risk due to real-time data exfiltration capability. The domain resolves to 172.66.47.24, is registered via Cloudflare to Google Trust Services SSL, and currently shows 0 detections on VirusTotal with 95 analyzers. Blocklists and trust scores are pending investigation but the live deployment timeline and impersonation technique raise immediate concern.

This domain was flagged by PhishDestroy on seed e53749 after confirming impersonation of Jupiter Exchange’s official interface. All indicators align with a crypto drainer deployment: fake login page, brand impersonation, and active certificate via Google Trust Services on Cloudflare IP 172.66.47.24. No public blocklist inclusion exists yet, but real-time credential harvesting has been detected. The attacker leverages Cloudflare’s trusted network to evade early detection while distributing malicious scripts designed to drain Solana wallets.

Immediate mitigation is required. Users should AVOID clicking any link to jup-v3.pages.dev or similar subdomains claiming to be Jupiter Exchange. Verify all Jupiter-related links using phishdestroy.org before entering private keys or seed phrases. If exposed, revoke wallet approvals via tools like solscan.io/token-approvals and transfer funds to a new wallet. Report the domain to @PhishDestroyHQ for takedown acceleration.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.24

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/190371f8-9703-42a9-b0e2-909cb73b061e
- PhishDestroy: https://phishdestroy.io/domain/jup-v3.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/jup-v3.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jup-v3.pages.dev/
Last updated: 2026-03-24