# jupitar.fun — SUSPICIOUS

> Domain jupitar.fun impersonates Jupiter crypto brand with drainer scam. Check the full report. Detected by Google Safe Browsing.

## Summary
PhishDestroy identifies an active brand impersonation campaign targeting Jupiter users via the domain jupitar.fun. The domain mimics Jupiter’s official branding to deceive visitors into interacting with fraudulent content, likely aiming to harvest credentials or cryptocurrency funds. Threat analysis indicates this is a drainer scam page, where victims are prompted to connect wallets or input sensitive information under false pretenses. The infrastructure leverages social engineering tactics commonly seen in crypto-themed phishing operations, with a focus on exploiting user trust in recognizable brands to maximize engagement and illicit gains.


This domain was flagged with a VirusTotal detection score of 0/95 engines, indicating it remains undetected by most antivirus solutions as of the latest scan. The domain jupitar.fun was registered on March 30, 2026, through Unstoppable Domains Inc., resolving to IP address 185.242.3.225. It holds a valid SSL certificate issued by Let’s Encrypt, enhancing its perceived legitimacy. Google Safe Browsing has already categorized this domain under SOCIAL_ENGINEERING, and no blocklist entries were recorded at the time of analysis. The recent creation date and low detection rate suggest this campaign is in an early operational phase, potentially still being refined or actively deployed.


The current status of jupitar.fun is marked as active, with the campaign ongoing and undetected by most security vendors. Response actions are underway to notify hosting providers, domain registrars, and relevant threat intelligence platforms to facilitate take-down and blacklisting. However, the remaining risk is assessed as moderate to high due to the domain’s low detection footprint and the use of trusted SSL certificates. Users are strongly advised to avoid interacting with this domain, verify all URLs before engagement, and report suspicious activities to official Jupiter channels or cybersecurity authorities. Proactive blocking of the IP address and domain at the network level is recommended to mitigate exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Jupiter

## Domain Intelligence
- Registered: 2026-03-30 12:53:03
- Registrar: Unstoppable Domains Inc.
- IP: 185.242.3.225

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/664ee700-18f8-451c-8e91-3e1935bd99d1
- PhishDestroy: https://phishdestroy.io/domain/jupitar.fun/
- LLM endpoint: https://phishdestroy.io/domain/jupitar.fun/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jupitar.fun/
Last updated: 2026-03-31