# kkra77.cc — SUSPICIOUS

> kkra77.cc is a credential theft phishing site flagged by 0 of 95 VirusTotal vendors. Registered via NICENIC INTERNATIONAL, this domain resolves to 188.114.96.3.

## Summary
PhishDestroy identifies kkra77.cc as an active credential theft domain currently under investigation. This domain is associated with fraudulent activities designed to harvest user credentials under false pretenses. The threat remains active as of the latest analysis, with no remediation observed at this time.  kkra77.cc resolves to IP address 188.114.96.3 and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on June 02, 2025. VirusTotal currently shows 0 detections out of 95 vendor scans, indicating a low initial flagging rate. The domain holds an SSL certificate issued by Google Trust Services, which may enhance its perceived legitimacy to potential victims. No entries were found on major threat intelligence blocklists at the time of this report, though this status may change as further intelligence is gathered.  Given the active status of this credential theft domain and its low detection rate, users and organizations are strongly advised to block kkra77.cc at the network and endpoint levels. Implement DNS filtering to prevent access to this domain and monitor for any associated IP-based traffic. Security teams should also review logs for any interactions with this domain or its IP address. Immediate action is critical to mitigate potential credential harvesting and subsequent account takeovers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-06-02 15:15:33
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/kkra77.cc
- PhishDestroy: https://phishdestroy.io/domain/kkra77.cc/
- LLM endpoint: https://phishdestroy.io/domain/kkra77.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kkra77.cc/
Last updated: 2026-04-03