# swap-jupi.icu — SUSPICIOUS

> PhishDestroy identifies swap-jupi.icu as a crypto drainer site mimicking Jup.ag with 0/95 VirusTotal detections. Verify legitimacy before connecting wallets.

## Summary
PhishDestroy identifies swap-jupi.icu as a crypto drainer posing as the legitimate Jup.ag trading platform to steal cryptocurrency from victims.


This domain was flagged for malicious activity after deploying a crypto drainer script. The site resolves to IP 188.114.96.3 and was created on April 02, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal currently shows 0 detections out of 95 scanners, indicating it evades most automated defenses. The fraudulent site also uses a Let's Encrypt SSL certificate to appear legitimate.


If you visited swap-jupi.icu, immediately disconnect your wallet and revoke any connected permissions. Do not enter seed phrases or private keys. Scan your device for malware and report suspicious transactions to PhishDestroy for investigation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 16:33:53
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/swap-jupi.icu
- PhishDestroy: https://phishdestroy.io/domain/swap-jupi.icu/
- LLM endpoint: https://phishdestroy.io/domain/swap-jupi.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/swap-jupi.icu/
Last updated: 2026-04-02