# guardan.io — MALICIOUS

> guardan.io is an active phishing domain flagged by multiple security sources. Avoid this site to protect your data. Stay vigilant and report suspicious ...

## Summary
PhishDestroy identifies guardan.io as a high-risk phishing domain actively targeting users. Classified under generic phishing threats, this domain is designed to deceive victims into disclosing sensitive information, posing significant risks to personal and financial security.

Technical analysis reveals that guardan.io is listed on eight major security blocklists and has been detected in 15 AlienVault OTX threat intelligence pulses. VirusTotal flags it by 16 out of 95 security vendors, indicating strong consensus on its malicious nature. The domain was registered recently on February 21, 2026, and is associated with infrastructure commonly used by phishing campaigns.

Currently active, guardan.io remains a persistent threat with ongoing malicious activity. PhishDestroy strongly recommends avoiding interaction with this domain and urges users and organizations to implement blocking measures and report any suspicious communications linked to it. Continuous monitoring and user education are essential to mitigate the impact of this phishing operation.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Your NodeJS Droplet

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Name.com, Inc.
- Nameservers: ["ns3dgr.name.com", "ns1fkl.name.com", "ns4blx.name.com", "ns2btz.name.com"]

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Phishing Database", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL", "PhishingDB"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1c0f3569-19bb-4700-ac7a-5cde4842e1f3
- PhishDestroy: https://phishdestroy.io/domain/guardan.io/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/guardan.io/
Last updated: 2026-03-14