# governance-moonwell.finance — SUSPICIOUS

> governance-moonwell.finance shows low phishing risk but caution is advised. Avoid sharing sensitive info until further verification.

## Summary
PhishDestroy identifies governance-moonwell.finance as a domain exhibiting characteristics associated with generic phishing attempts. While the overall risk level is currently classified as low, users should remain vigilant when interacting with this site due to its potential to impersonate legitimate governance or finance-related platforms. The domain may be used to trick users into divulging sensitive information or credentials.

The domain resolves to the IP address 188.114.96.3. VirusTotal analysis shows only 1 out of 95 security vendors flagging this domain, indicating limited but non-negligible suspicion from automated detection engines. This low detection rate suggests either emerging or subtle malicious activity. The domain's infrastructure does not currently display extensive indicators of compromise, but the association with the Moonwell finance branding could be an attempt to leverage trust. The unique seed 03b749 was used to ensure a distinct analysis focus.

At present, governance-moonwell.finance remains active but under close observation. PhishDestroy recommends that users avoid submitting personal or financial information on this website until further verification confirms its legitimacy. Organizations should consider monitoring network traffic related to this domain and updating security controls accordingly. Continued surveillance and user awareness are critical to mitigating potential phishing risks associated with this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-03-07 01:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["adam.ns.cloudflare.com", "danica.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/SDpRj9mG/3a98617e2c0e.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/54ec17d5-092f-4022-820f-140cffdb16ca
- Wayback Machine: https://web.archive.org/web/https://governance-moonwell.finance
- PhishDestroy: https://phishdestroy.io/domain/governance-moonwell.finance/
- LLM endpoint: https://phishdestroy.io/domain/governance-moonwell.finance/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/governance-moonwell.finance/
Last updated: 2026-03-19