# jupfoundation.click — SUSPICIOUS > jupfoundation.click is a fraudulent Solana-based phishing site resolving to 188.114.96.3. Blocked by MetaMask and SEAL, users should avoid this domain and. ## Summary PhishDestroy identifies jupfoundation.click as an active phishing domain impersonating the Solana blockchain ecosystem. This domain poses as a fake Solana foundation portal, luring users into exposing wallet credentials or approving malicious transactions. jupfoundation.click currently resolves to IP 188.114.96.3, a host associated with generic phishing activity. The domain was registered on April 05, 2026, through Dynadot, LLC, and has already been flagged by 2 security blocklists and 0 of 95 VirusTotal vendors. Despite using a Let’s Encrypt SSL certificate, it has been blocked by MetaMask and SEAL security tools, indicating early-stage compromise. Current status for jupfoundation.click is under investigation, with active redirection and probable brand abuse. It poses a medium-high risk due to its recent creation, active deployment, and lack of vendor detection. Users interacting with this domain risk credential theft, wallet draining via fake transaction approvals, or malware download. This site should be treated as hostile infrastructure. Technical indicators include IP 188.114.96.3, Dynadot LLC registration, and a Let’s Encrypt certificate issued shortly after domain creation. Risk assessment based on domain age (under 1 week), zero vendor detection, and active blocklist presence suggests opportunistic exploitation of Solana ecosystem trust. It is likely part of a broader campaign targeting crypto users familiar with Jupiter or Solana-based platforms. Concrete recommendations: Block jupfoundation.click at DNS and network levels. Users should avoid clicking links from unsolicited messages or social media. Verify any Solana-related site by checking official domains (e.g., jup.io, solana.com) and inspect wallet connection prompts carefully. Report suspicious domains to security teams and phishing aggregators. Monitor transactions for unauthorized transfers. Organizations should update firewall and browser blocklists to include this domain and its IP. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-05 22:01:04 - Registrar: Dynadot, LLC - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["MetaMask", "SEAL"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/jupfoundation.click - PhishDestroy: https://phishdestroy.io/domain/jupfoundation.click/ - LLM endpoint: https://phishdestroy.io/domain/jupfoundation.click/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/jupfoundation.click/ Last updated: 2026-04-07