# gordenmart.cfd — SUSPICIOUS > Threat intelligence identifies gordenmart.cfd as a fake online store phishing site. IP 188.114.97.3 is involved; full report available. ## Summary PhishDestroy identifies gordenmart.cfd as an active fake online retail phishing domain under investigation. The site masquerades as a legitimate online marketplace to harvest payment credentials and personal data from unsuspecting shoppers. This campaign is classified as a high-risk credential-harvesting threat due to its deceptive e-commerce facade and active infrastructure. This domain was flagged on April 02, 2026, resolving to IP address 188.114.97.3 and registered through Aceville Pte. Ltd. using a Let’s Encrypt SSL certificate. VirusTotal currently shows 0 out of 95 engines detecting the threat, indicating it remains under the radar. The domain’s recent creation and clean detection profile suggest it is a newly deployed scam site. No entries were found on major blocklists or threat intelligence feeds at the time of analysis, which correlates with the low detection rate. To mitigate risk, users should avoid accessing gordenmart.cfd and verify any online store’s legitimacy via official channels or trusted reviews. Block the domain at the network level and report the site to your email provider, browser vendor, or threat intelligence platforms. If credentials were entered, change passwords immediately and monitor financial accounts for unauthorized activity. Organizations should add the IP and domain to firewall and IDS/IPS blocklists using the seed ac1817 for tracking. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-02 01:42:52 - Registrar: Aceville Pte. Ltd. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/gordenmart.cfd - PhishDestroy: https://phishdestroy.io/domain/gordenmart.cfd/ - LLM endpoint: https://phishdestroy.io/domain/gordenmart.cfd/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gordenmart.cfd/ Last updated: 2026-04-06