# kra-ken--log-in.pages.dev — MALICIOUS

> kra-ken--log-in.pages.dev is a high-risk phishing site impersonating Kraken. Avoid interaction and report suspicious activity for your safety.

## Summary
PhishDestroy identifies kra-ken--log-in.pages.dev as a high-risk phishing domain impersonating the Kraken brand, designed to deceive users into disclosing sensitive information. Classified under brand impersonation, it mimics Kraken's login page to lure victims.

The domain resolves to IP 172.66.44.133 and was registered via Cloudflare, Inc. on February 21, 2026. Google Safe Browsing flags it for social engineering, with 14 out of 95 VirusTotal scanners marking it malicious. This domain appears on three security blocklists, reinforcing its dangerous nature.

Currently, kra-ken--log-in.pages.dev is offline following takedown actions. Users are advised to avoid accessing this site and remain vigilant against similar phishing attempts. PhishDestroy continues to monitor related threats to the Kraken brand under the unique seed aa68d1.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Kraken
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.133
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["daphne.ns.cloudflare.com", "sullivan.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2cc2-b61e-7077-8d4d-946345cc9235.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8dde6c42-f3b5-4d90-9300-1563e34f291d
- PhishDestroy: https://phishdestroy.io/domain/kra-ken--log-in.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/kra-ken--log-in.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-ken--log-in.pages.dev/
Last updated: 2026-03-19