# att.kautr.cc — MALICIOUS

> att.kautr.cc is linked to phishing threats. Avoid interacting with this domain and ensure your devices are secure. Stay vigilant online.

## Summary
PhishDestroy identifies att.kautr.cc as a high-risk phishing domain designed to deceive users and potentially capture sensitive information. The domain poses a significant threat due to its malicious intent and association with phishing activity, which can lead to identity theft or financial loss.

Technically, att.kautr.cc resolves to IP address 47.253.81.117 and was registered recently on February 21, 2026, through Dominet (HK) Limited. The domain currently displays a generic "Welcome to nginx!" page but has been flagged by 16 out of 95 security vendors on VirusTotal and appears on at least one security blocklist, confirming its suspicious nature.

At present, the domain is offline, reducing immediate risk. Users are advised to avoid visiting att.kautr.cc and to maintain updated security software. Continuous monitoring and caution are recommended to prevent exposure to phishing scams and related cyber threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 200)
- Page title: Welcome to nginx!

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2027-01-19 00:00:00
- Registrar: Dominet (HK) Limited
- Country: HK
- IP: 47.253.81.117
- IP Country: US
- IP City: Virginia Beach
- IP Org: AS45102 Alibaba (US) Technology Co., Ltd.
- Nameservers: ns7.alidns.com ns8.alidns.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "Bfore.Ai PreCrime", "BitDefender", "Cluster25", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Seclookup", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019be046-6f46-70cd-ae2a-7d0d25b3c610.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/e560c5eb-801f-4fdc-a25b-d5f23c3e8bd6
- PhishDestroy: https://phishdestroy.io/domain/att.kautr.cc/
- LLM endpoint: https://phishdestroy.io/domain/att.kautr.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/att.kautr.cc/
Last updated: 2026-03-19