# justg.live — SUSPICIOUS

> Domain justg.live unresolved as generic phishing lure resolving to 104.21.19.51; users should avoid access and report presence.

## Summary
PhishDestroy identifies justg.live as an active generic phishing threat and places it under investigation for potential credential harvesting and fraudulent impersonation. The domain resolves to IPv4 address 104.21.19.51 and was registered on March 26, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal scanning shows 0/95 detections to date, and the domain currently lacks inclusion in public blocklists. The SSL certificate, issued by Let’s Encrypt, may be used to lend false legitimacy to phishing pages targeting unsuspecting users.


Technical indicators for this domain include registration through NICENIC INTERNATIONAL GROUP CO., LIMITED, a known provider associated with low oversight, and assignment to IP 104.21.19.51 within AS13335 (Cloudflare). The domain’s creation date is March 26, 2026, which is unusually recent and suggests opportunistic deployment during an active campaign. Trust scores remain neutral across threat intelligence feeds, with no heuristic matches detected by VirusTotal or other detection engines. The presence of a valid Let’s Encrypt certificate complicates detection, as browsers display the padlock icon, reducing user suspicion during credential input.


To mitigate exposure, users should avoid accessing justg.live and report any encounters to their security teams. Organizations are advised to block the domain and associated IP at DNS and firewall layers. Enhanced email filtering should include the domain as a blocked sender, and security awareness training should emphasize scrutiny of recently registered domains with valid SSL certificates. Monitor for further submissions to threat intelligence platforms and consider sandbox analysis if the domain appears in network logs.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-26 11:38:24
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.19.51

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/be0169c5-cd3c-4b89-8f1b-c784900a96ca
- PhishDestroy: https://phishdestroy.io/domain/justg.live/
- LLM endpoint: https://phishdestroy.io/domain/justg.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/justg.live/
Last updated: 2026-03-26