# krab6c.cc — SUSPICIOUS

> PhishDestroy identifies krab6c.cc as hosting active credential phishing pages. Resolves to 172.67.178.76, flagged by 4/95 VirusTotal scanners.

## Summary
PhishDestroy identifies krab6c.cc as an actively malicious domain hosting credential phishing content designed to harvest user login details. The domain exhibits multiple red flags aligning with targeted social-engineering campaigns, warranting an elevated risk classification.    This domain was flagged on December 11, 2025, and resolves to IP address 172.67.178.76. It is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and carries a Google Trust Services SSL certificate to appear legitimate. VirusTotal analysis shows 4 out of 95 participating security vendors have already marked the domain as malicious. While the registrar and SSL provider suggest normalcy, the low detection rate and active domain creation strongly indicate a newly deployed phishing infrastructure.    Credential phishing domains like krab6c.cc typically mimic trusted login portals to trick users into entering sensitive information. Mitigation requires immediate avoidance: do not interact with the domain, avoid entering credentials or personal data, and report the site to your browser vendor or a phishing intelligence service. Use password managers with built-in phishing detection and enable multi-factor authentication on all critical accounts to reduce exposure even if credentials are inadvertently submitted. Monitor financial and account activity for signs of compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-11 20:08:03
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.178.76

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7ed7d298-7cdf-4dec-ae27-9feaa777e683
- PhishDestroy: https://phishdestroy.io/domain/krab6c.cc/
- LLM endpoint: https://phishdestroy.io/domain/krab6c.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/krab6c.cc/
Last updated: 2026-03-26