# casebafnle.com — SUSPICIOUS

> Discover the latest on casebafnle.com, an active phishing domain. Learn its risk level, infrastructure, and safety tips to protect yourself.

## Summary
PhishDestroy identifies casebafnle.com as an active phishing domain posing a low risk to users. The domain is involved in generic phishing attempts, aiming to deceive victims through fraudulent communications. While the threat level is currently assessed as low, users should remain vigilant due to ongoing malicious activity.

The domain casebafnle.com was registered recently on May 19, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to the IP address 104.21.0.135, which is associated with content delivery networks commonly abused by phishing actors to host deceptive pages. VirusTotal analysis flags the domain by 2 out of 95 security vendors, indicating some recognition of its malicious intent but limited detection coverage. This suggests the campaign might be in early stages or employing evasive tactics.

Currently, casebafnle.com remains active and under observation. Users are advised to avoid interacting with links or communications referencing this domain. Organizations should consider blocking the domain at network gateways and updating email filters to reduce exposure. Continuous monitoring and user education remain critical to mitigating potential impacts from this low-risk but ongoing phishing threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)
- Page title: Уникальная платформа, созданная для настоящих ценителей крутых предметов!

## Domain Intelligence
- Registered: 2026-03-05 19:07:02
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- Country: HK
- IP: 104.21.0.135
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: asa.ns.cloudflare.com pablo.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbf0e-8f3e-7502-a8f5-77e0409fce65.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/casebafnle.com
- Wayback Machine: https://web.archive.org/web/https://casebafnle.com
- PhishDestroy: https://phishdestroy.io/domain/casebafnle.com/
- LLM endpoint: https://phishdestroy.io/domain/casebafnle.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/casebafnle.com/
Last updated: 2026-03-16