# kra-36cc.cc — MALICIOUS

> kra-36cc.cc is an active credential theft site flagged by 15 of 95 VT vendors. Created July 2025. Stay cautious and do not share personal info.

## Summary
The domain kra-36cc.cc poses a significant threat by engaging in credential theft. This means it attempts to steal usernames, passwords, or other login details from unsuspecting users. Such stolen credentials can lead to unauthorized access to personal accounts, financial loss, or identity fraud, making this site particularly dangerous for anyone who interacts with it.

This domain was created recently on July 10, 2025, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. Its IP address resolves to 185.226.92.168, and it uses a Let's Encrypt SSL certificate to appear legitimate and secure. Importantly, 15 out of 95 security vendors on VirusTotal have flagged kra-36cc.cc for credential theft activities, confirming its malicious intent and elevating the risk level for users.

If you have visited kra-36cc.cc, it is crucial to take immediate protective actions. Avoid entering any personal or login information on the site. If you suspect that you may have provided credentials, change your passwords immediately on all affected accounts and enable two-factor authentication where possible. Additionally, monitor your accounts for any suspicious activity and consider running a full security scan on your device. Staying vigilant and informed helps protect your personal data from falling into the wrong hands.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-07-10 17:59:51
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 185.226.92.168

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/60aee805-16d4-46ab-be51-4b83e7ea3e8f
- PhishDestroy: https://phishdestroy.io/domain/kra-36cc.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-36cc.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-36cc.cc/
Last updated: 2026-03-26