# kra-36-cc.com — MALICIOUS

> Learn why kra-36-cc.com is flagged as a phishing site tricking crypto users. Blocked by MetaMask, it has 6/95 VT detections and resolves to IP 188.114.97.3.

## Summary
PhishDestroy identifies kra-36-cc.com as an active phishing domain posing a specific threat to cryptocurrency users. The domain mimics legitimate crypto platforms to steal wallet credentials or funds. Blocked by MetaMask, this site is engineered to deceive users into entering sensitive wallet information or downloading malicious extensions under the guise of security updates.  This domain was flagged by 6 out of 95 VirusTotal security vendors and is listed on one security blocklist. kra-36-cc.com was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on February 08, 2025, and resolves to the IP address 188.114.97.3. The domain uses a Let's Encrypt SSL certificate, which is commonly exploited by scammers to appear trustworthy. These technical indicators reveal a well-coordinated phishing operation targeting users via spoofed interfaces and fake security alerts.  To mitigate risks, users should avoid interacting with kra-36-cc.com entirely. Ensure your browser extensions and wallet software are updated, and never enter credentials on unfamiliar sites. Use hardware wallets or verified multi-factor authentication (MFA) methods for crypto transactions. Report any suspicious activity to your wallet provider or security platform immediately. Stay vigilant against deceptive domains that exploit urgency or fear tactics to steal funds.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-02-08 00:40:32
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 6 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ec2ee49c-556d-48b6-98b4-392679e85096
- PhishDestroy: https://phishdestroy.io/domain/kra-36-cc.com/
- LLM endpoint: https://phishdestroy.io/domain/kra-36-cc.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-36-cc.com/
Last updated: 2026-03-27