# kra19-cc.com — SUSPICIOUS

> Domain kra19-cc.com poses as a credit card skimmer using a Let's Encrypt SSL certificate. VirusTotal shows 0/95 detections despite active phishing risks.

## Summary
PhishDestroy identifies kra19-cc.com as a fraudulent domain engineered for credit card skimming attacks, targeting unsuspecting users with deceptive payment portal mimics. This domain was flagged as a generic phishing threat under active investigation, with intelligence suggesting it mimics legitimate payment gateways to harvest sensitive financial data. The domain resolves to IP 103.224.212.203 and operates under a Let's Encrypt SSL certificate, which may further lull visitors into a false sense of security by displaying a misleading padlock icon in browsers.  This domain exhibits multiple red flags confirmed by threat intelligence. VirusTotal analysis reveals 0/95 detections as of the latest scan, indicating it has evaded mainstream antivirus and security tool signatures—a common trait among newly deployed skimming campaigns. The domain was registered through Virtualia LLC on November 20, 2025, suggesting a recent and hastily established infrastructure designed to exploit the holiday shopping season. While not yet widely blacklisted, its association with active phishing campaigns and the absence of detection underscores heightened risk.  Users who visited kra19-cc.com should immediately scan their devices for malware using reputable antivirus software such as Malwarebytes or Windows Defender Offline. Avoid entering any payment information or login credentials on this domain or any related pages. If you entered sensitive data, contact your bank or payment provider immediately to report potential fraud and request a card replacement. Monitor financial statements closely for unauthorized transactions. Report the domain to your browser's security team and consider using tools like uBlock Origin to block future access to this site. Exercise caution with any unsolicited links or pop-ups related to this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-20 19:34:22
- Registrar: Virtualia LLC
- IP: 103.224.212.203

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b0935f71-bd7d-42f4-8259-b0ce17e0c4ae
- PhishDestroy: https://phishdestroy.io/domain/kra19-cc.com/
- LLM endpoint: https://phishdestroy.io/domain/kra19-cc.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra19-cc.com/
Last updated: 2026-03-28