# keeta.us.cc — SUSPICIOUS

> keeta.us.cc is a crypto-draining phishing site with 0/95 VirusTotal detections, registered April 07 2006 through Gname.com.

## Summary
PhishDestroy identifies keeta.us.cc as an active crypto-draining phishing domain designed to trick users into connecting wallets and silently approve token transfers. Once connected, the site prompts fake “signing” messages that silently drain tokens via malicious smart-contract approvals while showing fake balance screens to delay detection. Wallet drainers like this exploit social trust and time-pressure tactics to steal crypto before victims realize what happened.  This domain was flagged by PhishDestroy on April 2024; VirusTotal shows 0/95 scanners currently detect the threat, highlighting how new or evasive phishing pages slip past generic filters. The domain was created April 07 2006 and is registered through Gname.com Pte. Ltd.; it resolves to IP 188.114.97.3, a known bulletproof hosting range often used by fraudulent crypto services. The Let’s Encrypt SSL certificate adds a veneer of legitimacy, increasing the chance users overlook red flags.  If you visited keeta.us.cc, immediately disconnect the wallet from your browser’s extension list and revoke any token approvals you may have granted through blockchain explorers like Etherscan or BscScan. Do not sign any further transactions until you verify the site hasn’t already moved funds. Run a recent antivirus scan on your device and reset browser cookies for sites where you store seed phrases or private keys. Report the domain to your wallet provider and to PhishDestroy to help protect others while accelerating takedown efforts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2006-04-07 08:02:09
- Registrar: Gname.com Pte. Ltd.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b75c9eef-13a1-4741-8b24-2ec55627a53d
- PhishDestroy: https://phishdestroy.io/domain/keeta.us.cc/
- LLM endpoint: https://phishdestroy.io/domain/keeta.us.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/keeta.us.cc/
Last updated: 2026-03-26