# app-jlto.cc — SUSPICIOUS

> PhishDestroy identifies app-jlto.cc as a generic phishing domain with 0/95 VirusTotal detections. Review the full report for IOCs and mitigation steps.

## Summary
PhishDestroy has flagged app-jlto.cc as a generic phishing domain currently under investigation. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on November 19, 2025, and resolved to IP address 104.21.1.170. Despite hosting a page titled www.www.app-jlto.cc and leveraging a Google Trust Services SSL certificate, the domain remains unflagged on VirusTotal with 0/95 detections at the time of analysis. Its recent creation date and low detection rate suggest potential for abuse, warranting heightened scrutiny.  The domain’s infrastructure includes a Google Trust Services SSL certificate, which may lend it an air of legitimacy to unsuspecting users. However, the page title’s redundant format (www.www.app-jlto.cc) and the domain’s recent registration through a registrar associated with bulk domain sales raise red flags. The IP address 104.21.1.170 has been linked to malicious hosting in the past, further correlating with its phishing classification. While the domain is currently offline, its brief operational window highlights the transient nature of such threats, emphasizing the need for proactive monitoring.  To mitigate risks associated with this domain, organizations should block app-jlto.cc at the network perimeter and DNS level. Users who may have interacted with the domain should be advised to reset credentials if any were entered, enable multi-factor authentication where available, and monitor accounts for suspicious activity. Security teams are encouraged to cross-reference this domain with internal threat intelligence feeds and share IOCs with trusted communities to prevent further propagation. Given the domain’s low detection rate, traditional signature-based defenses may prove insufficient, making behavioral analysis and user awareness training critical components of a robust defense strategy.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP ?)
- Page title: www.www.app-jlto.cc

## Domain Intelligence
- Registered: 2025-11-19 18:46:03
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.1.170

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e5c32c40-3f61-4844-bb4d-39e35a9f8ce8
- PhishDestroy: https://phishdestroy.io/domain/app-jlto.cc/
- LLM endpoint: https://phishdestroy.io/domain/app-jlto.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-jlto.cc/
Last updated: 2026-04-14