# kra36--at.com — SUSPICIOUS

> Beware: kra36--at.com is a fake login page impersonating a crypto service, recently registered on July 30, 2025.

## Summary
PhishDestroy identifies kra36--at.com as a fraudulent domain actively distributing a fake login page designed to steal cryptocurrency credentials. This site mimics a legitimate crypto platform, tricking users into entering sensitive wallet or exchange login details. Once harvested, attackers drain victim accounts, causing irreversible financial losses. Do not interact with this domain under any circumstances.  This domain was flagged due to its recent registration on July 30, 2025, resolving to IP address 172.67.185.215. The domain is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and uses a Google Trust Services SSL certificate to appear legitimate. VirusTotal currently shows 0 out of 95 detections, meaning many security tools have not yet blacklisted it. Its generic-sounding name and use of double hyphens are deliberate obfuscation tactics to evade scrutiny.  If you visited kra36--at.com or entered any credentials, immediately revoke session access on your crypto platform, change all passwords, and enable two-factor authentication. Run a malware scan on your device. Report the domain to PhishDestroy for investigation using the unique seed e15fbb. Always verify URLs manually—never trust links in emails or messages claiming to be from crypto services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-07-30 13:05:06
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.185.215

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4a35c3c1-0fb5-4db1-872c-5fc6464f5307
- PhishDestroy: https://phishdestroy.io/domain/kra36--at.com/
- LLM endpoint: https://phishdestroy.io/domain/kra36--at.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra36--at.com/
Last updated: 2026-03-28