# kra-b18.cc — MALICIOUS

> PhishDestroy identifies kra-b18.cc as an active generic phishing domain. 11 of 95 VirusTotal scanners flag it.

## Summary
PhishDestroy identifies kra-b18.cc as a live generic phishing domain designed to mimic legitimate services and harvest user credentials or payment details.

This domain was flagged by 11 of 95 VirusTotal security vendors, registered on December 12, 2023 through NICENIC INTERNATIONAL GROUP CO., LIMITED. It resolves to IP address 104.21.27.243 and holds a Google Trust Services SSL certificate, increasing its appearance of legitimacy to potential victims.

If you visited kra-b18.cc, avoid entering any personal information and immediately close the browser tab. Run a malware scan on your device using up-to-date security software. Report the domain to your IT security team or through your organization’s phishing reporting channel. Never reuse passwords across sites and enable two-factor authentication on all critical accounts to reduce exposure from credential theft.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-12 04:52:26
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.27.243

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/131569e7-d6ca-4e56-b94b-11276f4d0257
- PhishDestroy: https://phishdestroy.io/domain/kra-b18.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-b18.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-b18.cc/
Last updated: 2026-03-26