# portal-krakenn-com.pages.dev — MALICIOUS

> portal-krakenn-com.pages.dev is a high-risk phishing domain flagged for social engineering. Avoid interaction and report suspicious activity immediately.

## Summary
PhishDestroy identifies portal-krakenn-com.pages.dev as an active and high-risk phishing domain. This site is involved in generic phishing attacks designed to deceive users into revealing sensitive information or credentials. The threat exploits social engineering tactics to trick victims, posing significant risks to individual and organizational security.

The domain was registered recently on February 21, 2026, through Cloudflare, Inc., utilizing their services likely to obscure registrar details and improve site availability. It currently appears on three distinct security blocklists and is flagged by Google Safe Browsing for social engineering. VirusTotal analysis shows that 16 out of 95 security vendors detect the domain as malicious, confirming its role in ongoing phishing campaigns. The use of a Cloudflare-hosted pages.dev subdomain is indicative of attackers leveraging trusted platforms to lend credibility and evade detection.

As of now, portal-krakenn-com.pages.dev remains active and continues to pose a threat. Security professionals and users are strongly advised to avoid visiting this site and to exercise caution with unsolicited communications directing to this domain. Reporting any interactions or attempts to access this domain to security teams or threat intelligence platforms such as PhishDestroy can help mitigate risk and support broader protective measures.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Kraken
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.182
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["sandra.ns.cloudflare.com", "jobs.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c8b8d-5e5c-720b-8aef-e69feb50347c.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a574cabe-70bc-4f0f-ba75-4cf8a97d6f50
- PhishDestroy: https://phishdestroy.io/domain/portal-krakenn-com.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/portal-krakenn-com.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/portal-krakenn-com.pages.dev/
Last updated: 2026-03-19