# jupiverses.com — SUSPICIOUS

> jupiverses.com is a crypto drainer phishing site with 0/95 VirusTotal detections. Avoid connecting wallets or sharing credentials. Investigate before engaging.

## Summary
PhishDestroy identifies jupiverses.com as a suspected crypto drainer phishing domain designed to trick users into connecting cryptocurrency wallets or revealing private keys. The site impersonates Jupiter, a legitimate Jupiter aggregator and DeFi platform, aiming to harvest victim funds through fraudulent transaction approvals. While no specific drainer kit signatures were publicly documented at time of assessment, the domain's behavior aligns with known crypto-draining campaigns that simulate legitimate DeFi interfaces to prompt wallet connections and initiate unauthorized token transfers.  

This domain was flagged under investigation with the following technical indicators: VirusTotal detection score of 0/95 engines, registered via GoDaddy.com, LLC, resolving to IP address 188.114.96.3, created on March 21, 2026, secured with a Let's Encrypt SSL certificate, and currently unblocked by Google Safe Browsing. The domain shows no prior listing on major threat intelligence blocklists, indicating a newly emerged threat with minimal historical detection.  

As of current assessment, jupiverses.com remains active and unblocked across major browsers and security platforms. No takedown actions have been recorded. The risk level is classified as 'under investigation' due to limited behavioral telemetry and low detection coverage. Users are strongly advised to avoid interacting with the domain, verify URLs via official Jupiter channels, and report any suspicious wallet connections to platform security teams. Remaining risk includes potential expansion into broader phishing campaigns or integration into automated drainer toolkits as threat actors refine infrastructure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-21 16:20:33
- Registrar: GoDaddy.com, LLC
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/500f2760-b388-41cd-8e71-1fc01c6fd6c8
- PhishDestroy: https://phishdestroy.io/domain/jupiverses.com/
- LLM endpoint: https://phishdestroy.io/domain/jupiverses.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jupiverses.com/
Last updated: 2026-03-22