# kra-b15.cc — SUSPICIOUS

> kra-b15.cc is an active generic phishing domain used for fake login scams, flagged by 4 of 95 VirusTotal vendors. Verify safety on PhishDestroy.

## Summary
The domain kra-b15.cc has been identified as an active generic phishing threat primarily targeting users with fake login scams. Although the domain does not appear to impersonate a specific well-known brand, it serves as a lure to steal credentials by mimicking legitimate login pages. The phishing activity remains ongoing with elevated risk to unsuspecting users.

Technical intelligence reveals kra-b15.cc was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on December 12, 2025. It currently resolves to the IP address 188.114.96.3 and uses an SSL certificate issued by Google Trust Services, which may lend a false sense of security to victims. VirusTotal data shows that 4 out of 95 security vendors have flagged this domain as malicious, indicating moderate detection and consensus on its threat status. Although the exact blocklist count and trust scores are not provided, the elevated risk level and active status underscore the domain's malicious intent and persistence.

Given the domain's active status and elevated risk, users and network defenders should exercise caution by avoiding any interactions with kra-b15.cc. Organizations are advised to add kra-b15.cc to internal blocklists and monitor related IP 188.114.96.3 for suspicious traffic. End users should verify any login requests purportedly coming from this domain through trusted sources like PhishDestroy. Continuous monitoring and user education on phishing indicators remain essential to mitigate potential credential theft from this active generic phishing domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-12 04:52:30
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/de01f21a-b796-479c-938a-3a589a6beee8
- PhishDestroy: https://phishdestroy.io/domain/kra-b15.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-b15.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-b15.cc/
Last updated: 2026-03-26