# ntrkcard.one — SUSPICIOUS

> Beware of ntrkcard.one, a low-risk but active phishing domain flagged for social engineering. Avoid visits and protect your data immediately.

## Summary
PhishDestroy identifies ntrkcard.one as an active phishing domain categorized under a low risk level. The threat centers on generic phishing tactics designed to deceive users into divulging sensitive information. Despite its lower risk classification, caution is advised because phishing campaigns can quickly evolve and impact unsuspecting victims.

Supporting intelligence includes a Google Safe Browsing flag indicating "SOCIAL_ENGINEERING," a common marker of phishing activity. The domain was registered recently on February 27, 2026, through Dynadot Inc, and resolves to IP address 104.21.43.131. VirusTotal analysis shows that 2 out of 95 security vendors currently flag this domain, confirming some detection albeit at a minimal level. The domain remains active, suggesting ongoing or potential phishing attempts.

Users are strongly encouraged to avoid interacting with ntrkcard.one and to verify URLs carefully before entering any personal information. Organizations should consider blocking this domain at the network level and monitoring for related phishing indicators. Given its active status and social engineering classification, vigilance is critical to mitigating exposure to this evolving phishing threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: ntrkcard.one | 522: Connection timed out

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- Registrar: Dynadot LLC
- Country: US
- IP: 104.21.43.131
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["rayne.ns.cloudflare.com", "skip.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Google Safebrowsing", "SOCRadar"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/9kLyF1gJ/ac330a340ceb.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/5695cf57-dce9-4466-a8bf-9a591d9bf192
- Wayback Machine: https://web.archive.org/web/https://ntrkcard.one
- PhishDestroy: https://phishdestroy.io/domain/ntrkcard.one/
- LLM endpoint: https://phishdestroy.io/domain/ntrkcard.one/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ntrkcard.one/
Last updated: 2026-03-19