# supp-krkn-login.pages.dev — MALICIOUS

> supp-krkn-login.pages.dev flagged for credential phishing. Domain is offline but was marked dangerous. Learn how to stay protected.

## Summary
PhishDestroy identifies supp-krkn-login.pages.dev as a high-risk credential phishing domain designed to steal user login information. Credential phishing poses serious risks including identity theft and unauthorized account access.

This domain was created recently on February 21, 2026, and resolved to IP 172.66.44.163. It was registered through Cloudflare, Inc., and flagged for social engineering by Google Safe Browsing. Multiple security blocklists and 16 out of 95 VirusTotal vendors flagged it before it was taken offline.

Users should avoid visiting this domain or entering any credentials if encountered. Always verify URLs carefully, use multi-factor authentication, and keep security software updated to mitigate phishing threats like this.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.163
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["kolton.ns.cloudflare.com", "lara.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c701b-58f4-76c8-a7a6-d18be319736f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/5c1818c1-225a-440b-8f30-9887c53d8ab5
- PhishDestroy: https://phishdestroy.io/domain/supp-krkn-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/supp-krkn-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/supp-krkn-login.pages.dev/
Last updated: 2026-03-19