# jupswap.pages.dev — MALICIOUS

> Exercise caution with jupswap.pages.dev, flagged for social engineering risks. Avoid interacting with this suspicious delivery scam site.

## Summary
PhishDestroy has identified the domain jupswap.pages.dev as a potential delivery scam, currently classified under active investigation. This domain exhibits typical traits linked with fraudulent delivery schemes designed to deceive users into divulging personal or financial information. Although the exact nature of the scam remains under closer examination, the domain’s association with social engineering tactics raises significant concerns.

From a technical standpoint, jupswap.pages.dev resolves to the IP address 188.114.97.3 and is registered through Cloudflare, Inc. Despite these indicators, VirusTotal analysis reveals no detections from its 95 security vendors, suggesting the threat may be newly emerging or employing sophisticated evasion techniques. Google Safe Browsing flags the domain for social engineering, emphasizing its risk for deceptive practices. The use of a pages.dev subdomain hints at abuse of legitimate cloud hosting services to mask malicious activity.

Currently, the domain remains active and under continuous observation. PhishDestroy recommends users avoid engagement with jupswap.pages.dev until further conclusions are drawn. Security teams should monitor this domain for any updates or shifts in activity patterns, and consider implementing appropriate network blocks or alerts to prevent exposure to potential scams. Vigilance is advised as investigations proceed.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP ?)
- Target brand: Jupiter
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: igor.ns.cloudflare.com lauryn.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["ADMINUSLabs", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Phishing Database", "Sophos", "VIPRE"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc29a-e305-7064-ab7b-6be7863db088.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/jupswap.pages.dev
- Wayback Machine: https://web.archive.org/web/https://jupswap.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/jupswap.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/jupswap.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/jupswap.pages.dev/
Last updated: 2026-03-19