# casebaltle.com — MALICIOUS

> casebaltle.com is linked to medium-risk phishing activity. Stay cautious and avoid sharing personal info. Learn more on PhishDestroy.

## Summary
PhishDestroy identifies casebaltle.com as a medium-risk phishing domain aiming to deceive users by collecting sensitive information. Classified under generic phishing threats, this domain poses a significant danger to unsuspecting visitors by potentially harvesting credentials or financial data.

Supporting this assessment, casebaltle.com was recently registered on March 9, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar often associated with suspicious registrations. The domain resolves to IP address 172.67.164.6, which is linked to a network frequently exploited for malicious activity. VirusTotal flags the domain by 6 out of 95 security vendors, indicating growing recognition of its suspicious behavior. These technical details suggest active malicious intent and reinforce the medium threat level assigned.

To mitigate risks, users should avoid interacting with casebaltle.com or providing any personal or financial information. Organizations should consider blocking this domain on their networks and employ email filtering to prevent phishing attempts using this URL. The domain remains active, so vigilance is essential. PhishDestroy continues to monitor casebaltle.com for updates and any escalation in threat status.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Case-Battle — это уникальная платформа, созданная для настоящих ценителей крутых скинов!

## Domain Intelligence
- Registered: 2026-03-05 19:07:02
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- Country: HK
- IP: 172.67.164.6
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: kellen.ns.cloudflare.com suzanne.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbf10-628e-74e2-a96f-30c9a9ea5364.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/casebaltle.com
- Wayback Machine: https://web.archive.org/web/https://casebaltle.com
- PhishDestroy: https://phishdestroy.io/domain/casebaltle.com/
- LLM endpoint: https://phishdestroy.io/domain/casebaltle.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/casebaltle.com/
Last updated: 2026-03-16