# moonova.org — SUSPICIOUS

> moonova.org has been flagged for phishing activity. The domain is currently offline but previously appeared on security blocklists. Stay cautious.

## Summary
PhishDestroy identifies moonova.org as a low-risk phishing domain that was created on February 21, 2026. Although the threat level is assessed as low, the domain was associated with generic phishing activity aimed at deceiving users into divulging sensitive information. It is important to remain vigilant against potential scams even from domains with limited exposure.

The domain was registered through an inactive or dead domain registrar, which can sometimes be indicative of short-lived, disposable infrastructure commonly used in phishing campaigns. moonova.org appeared on at least one security blocklist and was flagged by two security vendors on VirusTotal utilizing a pool of 95 scanners. These findings suggest some level of malfeasance but limited distribution or effectiveness. The use of such a domain could imply that threat actors were testing or staging phishing attempts.

Currently, moonova.org is offline, significantly reducing any immediate risk to users. PhishDestroy recommends that individuals avoid visiting this domain and maintain updated security protections. Organizations should monitor blocklists and update email security filters to prevent any future resurgence or related phishing infrastructure. Users encountering suspicious emails referencing moonova.org should report them to their IT teams or security providers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 451)
- Page title: Deployment Unavailable

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Porkbun LLC
- Country: US
- Nameservers: ["maceio.ns.porkbun.com", "curitiba.ns.porkbun.com", "salvador.ns.porkbun.com", "fortaleza.ns.porkbun.com"]
- SSL Issuer: R13

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["CRDF", "Gridinsoft"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199c651-bead-71bb-a952-5c200902b5e7.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/57aeca9f-b771-4dae-857b-42edd2dbb2bc
- PhishDestroy: https://phishdestroy.io/domain/moonova.org/
- LLM endpoint: https://phishdestroy.io/domain/moonova.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/moonova.org/
Last updated: 2026-03-19