# at-kra33.cc — MALICIOUS

> at-kra33.cc is an active credential theft domain flagged by 14 of 95 VirusTotal vendors. Created in 2025, exercise caution and avoid interaction.

## Summary
The domain at-kra33.cc poses a credential theft threat, aiming to deceive users into revealing sensitive login information. Such attacks often lead to unauthorized access to personal, financial, or business accounts, resulting in potential identity theft or financial loss. Users encountering this site risk having their usernames, passwords, or other private data compromised by malicious actors.

PhishDestroy identifies at-kra33.cc as a high-risk domain due to several technical indicators. The domain was created recently on January 23, 2025, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. It is secured by an SSL certificate issued by Google Trust Services, which can give a false sense of legitimacy. VirusTotal analysis flags this domain by 14 out of 95 security vendors, confirming its malicious nature. The domain resolves to IP address 172.67.202.184, which may be associated with other suspicious activities.

If you have visited at-kra33.cc, it is critical to immediately change any passwords you may have entered and enable multi-factor authentication on your accounts. Avoid providing any further personal details on this or similar domains. Running a full antivirus scan and monitoring your accounts for unusual activity is also recommended. Staying vigilant and verifying website authenticity before sharing credentials can prevent falling victim to such credential theft attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-01-23 20:58:03
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.202.184

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1de0b0e0-21c9-4445-8812-18d74d50dd1c
- PhishDestroy: https://phishdestroy.io/domain/at-kra33.cc/
- LLM endpoint: https://phishdestroy.io/domain/at-kra33.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/at-kra33.cc/
Last updated: 2026-03-26