# apps-krrakein-login.pages.dev — MALICIOUS

> High-risk phishing domain apps-krrakein-login.pages.dev flagged for credential theft. Avoid interaction and report suspicious activity immediately.

## Summary
PhishDestroy identifies apps-krrakein-login.pages.dev as a high-risk credential phishing domain designed to steal user login information. The threat poses significant danger due to its intent to compromise sensitive credentials, potentially leading to identity theft or financial loss.

This domain has been flagged on three separate security blocklists and is registered via Cloudflare, Inc. It was created recently on February 21, 2026, indicating it is part of an emerging phishing campaign. VirusTotal analysis shows 14 out of 95 security vendors detect malicious activity, and Google Safe Browsing classifies it under social engineering threats. These factors underscore the domain’s malicious infrastructure and active usage in phishing attempts.

Currently, apps-krrakein-login.pages.dev is offline, reducing immediate risk; however, the threat actors may deploy similar infrastructures under different domains. Users and organizations are advised to remain vigilant, avoid clicking suspicious links, and report any phishing attempts encountered. Maintaining updated security solutions and employing multi-factor authentication can mitigate potential damage from such phishing campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.191
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["maleah.ns.cloudflare.com", "justin.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2f64-1195-7389-8a76-303638f4fb92.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8d33bc1e-e5b5-4eb7-a51f-b9381586bc88
- PhishDestroy: https://phishdestroy.io/domain/apps-krrakein-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/apps-krrakein-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/apps-krrakein-login.pages.dev/
Last updated: 2026-03-19