# apps-moonshot.org — SUSPICIOUS > PhishDestroy identifies apps-moonshot.org as a live Moonshot brand impersonation hosting 0/95 detections as of April 2026. ## Summary PhishDestroy analysts have confirmed that apps-moonshot.org is actively operating as a fraudulent site impersonating the Moonshot brand, posing a direct threat to users seeking legitimate Moonshot services. This domain was registered on April 8, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com, a registrar frequently leveraged by threat actors due to its low barrier to entry and minimal vetting process. Resolving to IP 104.21.2.229, the domain currently holds a valid SSL certificate issued by Let's Encrypt, which may lend an air of legitimacy to unsuspecting visitors. Despite its fresh registration, the domain has not yet been flagged by any of the 95 VirusTotal engines, highlighting a concerning window of opportunity for exploitation before traditional detection mechanisms catch up. The threat posed by apps-moonshot.org is significant, as it specifically targets users searching for Moonshot-branded services or products. Brand impersonation is a well-documented tactic used by cybercriminals to harvest login credentials, payment information, or deliver malware under the guise of a trusted entity. This domain is currently unblocked by major threat intelligence platforms, with no detections recorded on VirusTotal, leaving users and organizations vulnerable to potential compromise. Threat actors often deploy such domains in phishing campaigns, malvertising, or social engineering lures to maximize exposure and deception. Given its recent creation and the absence of detections, this domain could proliferate rapidly across attack vectors before security measures adapt. Users who have encountered or visited apps-moonshot.org are strongly advised to take immediate precautions. First, avoid interacting with the site or any affiliated links, as the domain may host fake login portals or malicious payloads designed to steal sensitive information. If credentials or personal data were entered, change passwords immediately and enable multi-factor authentication on all accounts where Moonshot services are used. Organizations should consider blocking the domain at the network level using DNS filtering or firewall rules, and report the domain to relevant authorities such as the Anti-Phishing Working Group (APWG) or your organization's threat intelligence team. Additionally, monitor for any unusual account activity or unauthorized access attempts linked to this impersonation campaign. Proactive reporting and vigilance are critical to mitigating the risk posed by evolving brand impersonation threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Moonshot ## Domain Intelligence - Registered: 2026-04-08 18:52:49 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 104.21.2.229 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/apps-moonshot.org - PhishDestroy: https://phishdestroy.io/domain/apps-moonshot.org/ - LLM endpoint: https://phishdestroy.io/domain/apps-moonshot.org/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/apps-moonshot.org/ Last updated: 2026-04-11