# kra33---at.cc — SUSPICIOUS

> PhishDestroy identifies kra33---at.cc as an active credential-harvesting phishing domain. Registered July 16, 2025, with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies kra33---at.cc as a live credential-harvesting phishing domain designed to trick visitors into submitting usernames and passwords under false pretenses. The site mimics a legitimate login interface, often luring users through deceptive links or spoofed emails that appear to come from trusted brands. Without up-to-date defenses, victims risk immediate account takeovers and potential cascading financial or identity fraud.  This domain was flagged based on forensic indicators collected July 16, 2025. Intelligence shows it is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP 185.226.92.168, carries a valid Let’s Encrypt SSL certificate, and remains undetected by VirusTotal engines with a clean score of 0 detections out of 95 scans at the time of analysis.  If you visited kra33---at.cc, cease use of any credentials entered there immediately. Change passwords on other accounts using the same or similar login details, enable multifactor authentication wherever available, and scan your devices for malware. Report the domain to your organization’s security team and consider notifying your email provider to strengthen inbound filtering rules. Monitor financial statements closely for unauthorized transactions and remain vigilant for follow-on phishing attempts leveraging your exposed data.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-07-16 19:12:57
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 185.226.92.168

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d92df340-d37e-409c-9f26-b2e7106f3b90
- PhishDestroy: https://phishdestroy.io/domain/kra33---at.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra33---at.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra33---at.cc/
Last updated: 2026-03-26