# casibom-yenilenennadrs.vip — MALICIOUS

> casibom-yenilenennadrs.vip shows signs of phishing activity. Avoid sharing personal info and verify site legitimacy before interacting.

## Summary
PhishDestroy identifies casibom-yenilenennadrs.vip as an active phishing domain classified under generic phishing campaigns. The domain's page title is "Hawkins," which may be used to lure victims. With a medium risk level, this domain attempts to deceive users into divulging sensitive information through social engineering tactics.

Technical indicators show the domain resolves to IP address 188.114.96.3 and was registered recently on December 09, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED. VirusTotal flags the domain by 6 out of 95 security vendors, indicating suspicious behavior but not overwhelming consensus. The domain's unusual name and recent creation date further support a likelihood of malicious intent. These factors imply ongoing use in phishing operations targeting unsuspecting users.

Currently, casibom-yenilenennadrs.vip remains active and should be treated cautiously. Users are advised to avoid clicking links or submitting any credentials on this site. Security teams should monitor related traffic and consider blocking connections to the domain to prevent potential credential theft or data compromise. Continued observation and intelligence sharing will help mitigate risks associated with this domain's phishing campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Hawkins

## Domain Intelligence
- Registered: 2026-03-09 09:07:01
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3
- Nameservers: newt.ns.cloudflare.com wren.ns.cloudflare.com

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "BitDefender", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "SOCRadar", "Sophos", "Trustwave", "Webroot", "alphaMountain.ai"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content

### Page Text
Your request was blocked.

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd1cf-a34d-71c2-87a4-167045094ee4.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/3fe76f6d-f349-4f36-8180-a6d5941bf64c
- PhishDestroy: https://phishdestroy.io/domain/casibom-yenilenennadrs.vip/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/casibom-yenilenennadrs.vip/
Last updated: 2026-03-14