⚠️
This domain has been flagged as malicious
Detected by 3 security vendors and listed in 1 public blocklist. Exercise extreme caution — do not enter personal information or connect wallets.

absolute-cinema[.]net

“Ufabet Online Live Casino | UFA888”

3/95 VT Active Feb 13, 2026 1 Blocklist
27 Threat
PhishDestroy AI
MEDIUM
Ref
A39098C6
Score
27/100
Engine
PD-4 Turbo
The domain absolute-cinema[.]net is currently active and poses as a live casino website under the title 'Ufabet Online Live Casino | UFA888'. It has been flagged by VirusTotal with a detection rate of 3 out of 95, indicating potential malicious activity. This domain lures users by mimicking legitimate online gambling services, which can lead to data theft or financial scams.

Registered just three days ago through NICENIC INTERNATIONAL GROUP CO., LIMITED in Hong Kong, this domain utilizes an IP address of 188.114.96.3. With one blocklist entry already noted, the rapid registration and current hosting setup suggest a typical pattern of fraudulent domains designed to deceive and exploit users quickly.

PhishDestroy has actively reported this phishing site to relevant authorities and is continuously monitoring its status. As of now, the domain remains operational, and users should be vigilant to avoid potential scams associated with it.
VT
VirusTotal
3 det.
US
URLScan
Age
7d Brand New!
Status
Live 405
PD
DestroyList
Listed
Reports
1

Threat Response Pipeline

Discovery
Submission
Legal
Takedown
18/19
Pre-emptive Discovery & Ingestion
30+ Proprietary Parsers · Infrastructure Analysis · Community Intelligence · Threat Ingested
4/4 ✓
30+ Proprietary Parsers
Distributed network scanning Google Ads (malvertising), SEO-manipulated results, Twitter/X, YouTube & Telegram campaigns
Infrastructure Analysis
dnstwist & typosquatting detection to catch look-alike domains targeting established brands
Community Intelligence
Real-time ingestion of community-reported threats via Telegram Bot & partner intelligence feeds
Threat Ingested
absolute-cinema.net detected and queued for full analysis
Feb 13, 2026
Global Ecosystem Submission
54+ Vendor Submissions · URLScan.io Snapshot · Cloudflare Radar · VirusTotal · Blocklist Detection · Forensic Evidence Collection · Web Archive Preservation · Technical Deep Analysis
8/8 ✓
54+ Vendor Submissions
Threat data submitted to 54+ security vendors & threat intelligence platforms
Show all 54 vendors
SpamhausCloudflareGoogle Safe BrowsingMicrosoft SecurityVirusTotalNetcraftESETBitdefenderNorton Safe WebAviraPhishTankDr.WebYandex Safe BrowsingURLScan.ioPolySwarmSiteReviewURLQueryPhishStatsPhishReportIsItPhishThreatCenterKasperskyOpenPhishAPWG eCrimeComodo / XcitiumFortinet / FortiGuardPalo Alto NetworksSophosTrend MicroWebrootZeroFOXSURBLAbusixCRDF LabsQuad9CleanBrowsingCyRadarScumware.orgPhishing.DatabaseMalware PatrolANY.RUNHybrid AnalysisURLhausMalwareBazaarThreatFoxAbuse.chAbuseIPDBAlienVault OTXMISPDomainToolsSecurityTrailsCensysBinaryEdgeCIRCL
URLScan.io Snapshot
Submitted to urlscan.io — screenshot, DOM & HTTP transactions captured
Feb 13, 2026
Cloudflare Radar
Scanned via Cloudflare Radar — DNS, certificates & network data
VirusTotal
3 / 95 vendors flagged on VirusTotal
Feb 25, 2026
Blocklist Detection
Found in 1 blocklist: PhishDestroy
Feb 25, 2026
Forensic Evidence Collection
Public scans via URLScan.io, URLQuery & Cloudflare Radar — DOM snapshots, HTTP transactions, DNS & certificate data
Web Archive Preservation
Site preserved in Wayback Machine — immutable copy of phishing content for legal evidence
Technical Deep Analysis
JS source analysis, directory enumeration, open directories scan, email harvesting, Telegram bot detection, exposed databases & other OSINT artifacts useful for threat actor identification
Legal Notifications & Reporting
Registrar & Hosting Notification · DestroyList Published · Abuse Reports Sent · Conditional Re-detection
4/4 ✓
Registrar & Hosting Notification
Initial abuse reports sent to domain registrar (NICENIC INTERNATIONAL GROUP CO., LIMITED) and hosting provider with forensic evidence packages (metadata, screenshots, PDF)
DestroyList Published
Added to PhishDestroy/DestroyList — open-source blocklist for wallets & extensions
Feb 13, 2026
Abuse Reports Sent
Abuse report sent to registrar NICENIC INTERNATIONAL GROUP CO., LIMITED, hosting provider, 1 abuse contact
Feb 13, 2026
Conditional Re-detection
Follow-up alerts only if threat remains active beyond 24 hours — prevents spam, ensures reports contain active evidence
ICANN Escalation — triggered only on re-detection (24h+ active threat), not on initial report. Formal complaint per RAA §3.18 with full forensic evidence
Public Transparency & Takedown
Open Threat Database · Social Broadcasting · Awaiting Takedown
2/3
Open Threat Database
Real-time commits to GitHub repository & live monitoring at phishdestroy.io/live
Social Broadcasting
Automated alerts on Twitter, Telegram & Mastodon channels
Awaiting Takedown
Domain still active — monitoring & re-reporting continues

Public Blocklist Status

Evidence Capture

Snapshot
2026-02-13 04:33 UTC
Malicious
Forensic screenshot of absolute-cinema.net
IP: 188.114.96.3
NICENIC INTERNATIONAL GROUP CO., LIMITED
7d

Domain Intelligence

Domainabsolute-cinema.net
IP Address188.114.96.3
CreatedFeb 21, 2026 (7 days — Brand New!)
ExpiresJan 06, 2027
Nameservershunts.ns.cloudflare.com
lisa.ns.cloudflare.com
Page TitleUfabet Online Live Casino | UFA888
Abuse Contactsabuse@nicenic.net
First DetectedFeb 13, 2026
Case IDPD-20260213-26DE02
HTTP Status405
Report This Domain Submit evidence & help protect others

VirusTotal Analysis

3 / 95 security vendors flagged this domain
View on VT
Fortinet
Gridinsoft
SOCRadar

Evidence & External Reports

Were You Affected by This Site?

You are not alone and there is nothing to be ashamed of. Scammers are sophisticated criminals who exploit trust. Reporting your experience is the most powerful weapon against fraud — your report can prevent others from becoming victims and help law enforcement take action. Silence is the scammer's greatest advantage. Break it.

If you have interacted with this domain, entered personal information, or connected a cryptocurrency wallet — take immediate action. Below are resources to help you report the incident and protect yourself.

Beware of recovery scammers! After being scammed, criminals may contact you again pretending to be "recovery agents," lawyers, or investigators who claim they can retrieve your lost funds — for a fee. This is a second scam. No legitimate service will ask for upfront payment to recover stolen crypto. Learn more about recovery fraud →

Report to Your Local Authorities

Select your country to see local cybercrime reporting contacts and complaint templates.

Select your country...

Related Domain Reports

dortalon.net
1 detections
lunadefi.net
2 detections
memerug.net
2 detections
ellevesta.net
1 detections
slon9-at.net
2 detections
slon9cc.net
2 detections
slon5at.net
3 detections
slon7-at.net
2 detections

Other Domains on 188.114.96.3

dash-spotifycostumerportal-port-premuim.ownership-assets.net 25 staemcommunnity.cc 23 youngg-account.com 23 cathaypacific.prociv-srl.sbs 23 ledgerglobai.com 23 t-mobile.tfpok.cc 23

More Domains at NICENIC INTERNATIONAL GROUP CO., LIMITED

rbxlab.ac crypto.solwarp.cc 5 luminter.io 2 lunadefi.net 2 k.kramarkets.com 5 reinforce-coinbase.com 11

About This Report: absolute-cinema.net

This domain security report for absolute-cinema.net is maintained by PhishDestroy's automated threat intelligence pipeline. Our system continuously monitors this domain across 95 security vendors on VirusTotal, 1 public blocklists, URLScan.io.

The site displays a page titled “Ufabet Online Live Casino | UFA888”.

absolute-cinema.net has been flagged by 3 security vendors as of March 1, 2026.

If you believe this listing is inaccurate, you can submit an appeal. For more information about our methodology, visit our FAQ page.

Stay Informed, Stay Safe

Monitor live threats or contest this listing if you believe it's a false positive

Live Threat Feed Appeal This Listing

If You Were Scammed — What To Do Now

An estimated $51 billion flowed to illicit crypto wallets in 2024. If you interacted with absolute-cinema.net or a similar site — act immediately. Every minute counts.

Immediate Actions
Do this first
  • Revoke all token approvals — use revoke.cash to remove access granted to malicious contracts
  • Transfer remaining funds to a brand-new wallet immediately. Assume compromised wallet is unsafe
  • Change all passwords — especially email, exchange accounts, and any account that shares the same password
  • Enable 2FA everywhere — use an authenticator app (not SMS). Disable SMS-based recovery if possible
  • Freeze credit/debit cards if you entered banking details on the phishing site
Information To Collect
For your report
  • Cryptocurrency addresses — scammer's wallet address (e.g., 0x5856...35985)
  • Amount & crypto type — exact amount sent (e.g., 1.02345 ETH, 0.5 BTC, 500 USDT)
  • Transaction ID (hash) — the unique identifier of each transaction on the blockchain
  • Exact dates & times — when each transaction was made, when you first contacted the scammer
  • Screenshots of everything — the scam website, chat messages, emails, wallet transactions, social media profiles
  • URLs & domains — all websites, apps, and links the scammer used (this page: absolute-cinema.net)
Where To Report
File official reports
  • FBI IC3 — Internet Crime Complaint Center. Primary US federal cybercrime reporting portal
  • Europol — European cybercrime reporting for EU residents
  • Chainabuse — report scam wallet addresses to flag them across exchanges & platforms
  • Your crypto exchange — contact support (Coinbase, Binance, Kraken etc.) to flag the scammer's address and freeze transfers
  • Local police — file a report even if they can't act immediately. It creates an official record for future investigations
How Crypto Scams Work
Know the tactics
  • Fake websites — scammers clone legitimate sites pixel-by-pixel, often with slightly altered domains
  • Malicious approvals — wallet "connect" prompts can grant unlimited token spending access to attackers
  • Social engineering — "pig butchering" scams build trust over weeks via Telegram, WhatsApp, or dating apps before stealing
  • Recovery scams — after losing money, victims are targeted AGAIN by "recovery agents" who demand upfront fees. This is always a scam
  • Fake ads & airdrops — Google/social media ads and "free token" offers lead to wallet-draining sites
Protect Yourself Going Forward
Prevention tips
  • Use a hardware wallet — Ledger, Trezor, or similar. Never store large amounts in browser wallets
  • Bookmark official sites — never click links from emails, DMs, or ads. Always type URLs manually or use bookmarks
  • Read every approval — before signing any transaction, verify what permissions you're granting. Reject unlimited approvals
  • Verify domains — check any domain on PhishDestroy before interacting. Look for HTTPS, correct spelling, and domain age
  • "Too good to be true" = scam — guaranteed returns, celebrity endorsements, urgent deadlines are always red flags
Crypto Crime Statistics
2024 data
  • $51 billion in crypto flowed to illicit wallets in 2024 — CoinLedger Research
  • Pig butchering is now the fastest-growing type of crypto fraud, with losses increasing 40% year over year
  • AI-powered scams are rising — deepfakes, automated phishing, and AI-generated fake websites make fraud harder to detect
  • Only ~5% of victims report — your report helps law enforcement build cases and shut down criminal networks
  • FBI recovered $1B+ in crypto fraud losses in 2024 thanks to victim reports — FBI.gov
Sources FBI — Common Frauds | FBI — Crypto Fraud | CoinLedger Crime Report | AI & Crypto Statistics