# moongamb.com — SUSPICIOUS > PhishDestroy identifies moongamb.com as a crypto drainer phishing domain with 0/95 VirusTotal detections. ## Summary PhishDestroy has flagged moongamb.com as an active crypto drainer phishing domain currently under investigation. This domain, registered through Hello Internet Corp on February 16, 2026, resolves to IP 66.198.225.39 and has not yet been flagged by VirusTotal (0/95 detections). Its use of a Let's Encrypt SSL certificate suggests an attempt to appear legitimate, potentially luring victims into connecting cryptocurrency wallets or submitting credentials under false pretenses. Technical indicators reveal a newly registered domain with minimal historical scrutiny, compounded by its lack of detection coverage. The absence of detections (0/95) indicates this threat may be evading traditional security measures, while the recent creation date and specific IP association suggest opportunistic malicious activity. Users should treat this domain with extreme caution, as it may be leveraged in targeted campaigns against cryptocurrency users or financial services. If you or your organization has encountered this domain, disconnect any connected wallets immediately and scan for unauthorized transactions or malware. Report the domain to your security team and block it at the network level using the IP address (66.198.225.39) and domain name. Consider revoking any permissions granted to cryptocurrency-related sites linked to moongamb.com. Stay vigilant for follow-on phishing attempts, as actors behind such domains often reuse infrastructure for secondary attacks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-16 20:11:22 - Registrar: Hello Internet Corp - IP: 66.198.225.39 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/moongamb.com - PhishDestroy: https://phishdestroy.io/domain/moongamb.com/ - LLM endpoint: https://phishdestroy.io/domain/moongamb.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/moongamb.com/ Last updated: 2026-04-04