# jupi-swap.icu — SUSPICIOUS

> jupi-swap.icu is impersonating a legitimate crypto platform to steal credentials. Flagged by 0/95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies jupi-swap.icu as an active cryptocurrency-themed phishing domain designed to mimic a legitimate decentralized exchange platform, currently under investigation for malicious activity. The domain leverages deceptive branding to trick users into entering sensitive wallet credentials or financial information, posing a direct threat to cryptocurrency holders. No confirmed brand name has been specified in available intelligence, but the phishing lure strongly suggests an impersonation strategy targeting users familiar with popular exchange interfaces.


This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it has not yet been widely recognized as malicious. The domain is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP address 216.203.20.169, and holds a valid SSL certificate issued by Let's Encrypt. Registration occurred on April 02, 2026, making it a newly active threat with a short operational history. Current trust and reputation scores remain unverified due to its recent emergence and low detection rate.


Given the active status and low detection coverage, organizations and end-users should exercise heightened caution. It is recommended to block the domain jupi-swap.icu at the network perimeter and update browser/endpoint security policies to flag or block access. Users should avoid interacting with the site and report any observed credential submission attempts. Security teams are advised to monitor for related infrastructure or domain variations and consider adding the IP address 216.203.20.169 to blocklists. Further investigation is warranted to assess potential ties to broader phishing campaigns or associated malicious infrastructure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 16:33:56
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 216.203.20.169

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/jupi-swap.icu
- PhishDestroy: https://phishdestroy.io/domain/jupi-swap.icu/
- LLM endpoint: https://phishdestroy.io/domain/jupi-swap.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jupi-swap.icu/
Last updated: 2026-04-04