# card-tw.org — SUSPICIOUS

> card-tw.org is a crypto-draining phishing site with 0/95 VirusTotal detections. Block it immediately and warn users before funds are stolen.

## Summary
PhishDestroy identifies card-tw.org as an active brand impersonation crypto drainer domain posing as a legitimate card service provider. This domain was flagged on April 04, 2026, only days after registration, indicating a likely campaign to exploit trust in card-related services. It resolves to IP 104.21.34.14 and uses a Let’s Encrypt SSL certificate to appear trustworthy, a common tactic among phishing operators.

This domain shows zero detections on VirusTotal out of 95 engines, highlighting a critical window of exposure where automated defenses have not yet caught up. It was registered through Global Domain Group LLC, a registrar known for high-risk domain turnovers. The combination of recent registration, zero blocklist coverage, and immediate use in phishing suggests a targeted campaign likely aimed at users expecting legitimate card services.

If you visited card-tw.org, immediately disconnect any connected wallets, revoke any approvals granted to suspicious domains, and scan your device for malware. Report the domain to your security team and file a complaint with your local cybercrime unit. Do not enter any credentials or approve transactions. Monitor your accounts closely for unauthorized activity and consider transferring remaining funds to a newly generated, secure wallet.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-04 17:21:30
- Registrar: Global Domain Group LLC
- IP: 104.21.34.14

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/card-tw.org
- PhishDestroy: https://phishdestroy.io/domain/card-tw.org/
- LLM endpoint: https://phishdestroy.io/domain/card-tw.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/card-tw.org/
Last updated: 2026-04-10