# kra18att.cc — MALICIOUS

> kra18att.cc is an active phishing domain with a VirusTotal detection rate of 14/95. Users should avoid interaction and report suspicious messages.

## Summary
The domain kra18att.cc is currently identified as an active generic phishing threat. There is no specific brand association or known drainer kit tied to this domain, but it poses a significant risk by attempting to deceive users into divulging sensitive information. The page title simply matches the domain name, indicating a straightforward setup commonly used in phishing campaigns.

Technical indicators for kra18att.cc reveal a VirusTotal detection rate of 14 out of 95 security vendors flagging the domain, signaling a moderate but credible threat level. The domain was registered recently on January 31, 2026, through Gname 326 Inc. It resolves to the IP address 45.130.151.196 and uses a free SSL certificate issued by Let’s Encrypt, a common tactic to lend legitimacy to phishing sites. There is no mention of Google Safe Browsing status or blocklist count provided, but the elevated risk level suggests that some filtering mechanisms may already be in place.

Currently, kra18att.cc remains active and continues to pose an elevated phishing risk. Users are strongly advised to avoid interacting with this domain and to report any suspicious communications referencing it. Security teams should monitor network traffic for connections to the associated IP address and consider blocking the domain at the perimeter. Ongoing vigilance and user education are critical to mitigate the threat posed by this domain, as it remains a viable tool for credential theft or fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: kra18att.cc

## Domain Intelligence
- Registered: 2026-01-31 09:07:44
- Registrar: Gname 326 Inc
- IP: 45.130.151.196

## Detection Status
- VirusTotal: 14 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/db042526-b843-4f0e-840a-3e3794a9a734
- PhishDestroy: https://phishdestroy.io/domain/kra18att.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra18att.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra18att.cc/
Last updated: 2026-03-28