# moonalisa.site — SUSPICIOUS

> The domain moonalisa.site has been flagged as a phishing threat by PhishDestroy. Our automated analysis detected 2 risk indicators associated with this domain. View WHOIS data, SSL certificate analysis, and blocklist status in the full report.

## Summary
Threat Overview
The domain moonalisa.site has been flagged as a phishing threat. PhishDestroy's automated scanning systems detected multiple risk indicators associated with this domain.
Detection Details
This domain was identified through a combination of automated analysis, community reports, and cross-referencing with global threat intelligence feeds including VirusTotal, Google Safe Browsing, and 50+ specialized blocklists.
Risk Indicators

- Domain registered on site TLD
- Domain length: 14 characters
- Uses a TLD frequently associated with malicious domains
- Vt Detected

Stay Safe
Always verify URLs before entering credentials. Use a password manager to avoid typing passwords on fake sites. Enable two-factor authentication wherever possible.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)
- Page title: Moona Lisa | Airdrop

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 104.21.80.1
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Gridinsoft"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019919db-cae4-74f8-81f7-ed6be7c24fa6.png
- PhishDestroy: https://phishdestroy.io/domain/moonalisa.site/
- LLM endpoint: https://phishdestroy.io/domain/moonalisa.site/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/moonalisa.site/
Last updated: 2026-03-19