# kra20at.cc — MALICIOUS

> kra20at.cc is a PayPal-themed credential phishing domain flagged by 12 of 95 VirusTotal vendors. Immediate risk confirmed. Check the full report.

## Summary
PhishDestroy identifies kra20at.cc as an active PayPal credential phishing domain with an elevated risk rating. 

This domain was flagged by 12 of 95 VirusTotal security vendors and resolves to IP 104.131.175.233. The site operates under a Let's Encrypt SSL certificate, increasing its appearance of legitimacy, but its recent creation and low trust scores strongly indicate malicious intent. Blocklist checks reveal consistent categorization as a phishing resource. 

Threat indicators include the domain’s suspicious SSL certification, hosting location, and immediate detection across multiple cybersecurity platforms. Users are advised to avoid interacting with kra20at.cc and report it to relevant authorities. Organizations should implement network-level blocking of this domain and IP address to prevent access. Immediate browser updates and phishing awareness training are recommended to mitigate exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.131.175.233

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/78c1ac95-2402-4944-b842-1c6ce2c1354c
- PhishDestroy: https://phishdestroy.io/domain/kra20at.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra20at.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra20at.cc/
Last updated: 2026-03-28