# moonshot-list.app — SUSPICIOUS

> PhishDestroy identifies moonshot-list.app as a brand impersonation scam impersonating Moonshot. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy has flagged moonshot-list.app as a domain actively impersonating the legitimate brand Moonshot, a well-known entity in the technology sector. This site poses a direct threat to unsuspecting users by leveraging misspelled or misleading domain names to deceive visitors into believing they are interacting with an official Moonshot platform. Brand impersonation attacks like this are frequently used to harvest login credentials, distribute malware, or facilitate financial fraud, often through phishing pages that closely mimic the targeted brand's legitimate website. The domain's deceptive naming convention is designed to exploit user trust and trick individuals into disclosing sensitive information or downloading malicious content.

Evidence supporting the high-risk nature of moonshot-list.app includes several red flags: the domain was registered on March 22, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar that has been associated with fraudulent activity in the past. It resolves to IP address 104.21.85.207 and utilizes a Let's Encrypt SSL certificate, which does not guarantee legitimacy. Critically, VirusTotal currently reports 0/95 detections for this domain, indicating it remains undetected by most antivirus engines as of the latest analysis. While VirusTotal's detection count may fluctuate, the combination of recent domain creation, suspicious registrar, and lack of immediate detection highlights the urgent need for caution.

Users who have visited moonshot-list.app should immediately cease any interaction with the site, avoid entering login credentials or personal information, and scan their devices for malware using reputable security software. If any sensitive data was submitted, users should change passwords immediately—especially for accounts associated with Moonshot or similar services—and monitor financial accounts for unauthorized activity. Reporting the domain to Moonshot's official fraud reporting channels and to organizations like PhishDestroy can help mitigate further harm. Additionally, users may consider blocking the IP address 104.21.85.207 and domain at the network level to prevent accidental re-exposure. Proactive measures, such as verifying website URLs and using bookmarked links for official sites, are essential to avoid falling victim to such impersonation scams.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Moonshot

## Domain Intelligence
- Registered: 2026-03-22 15:47:11
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.85.207

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6390aca3-c676-4160-abef-93fe61f77b7e
- PhishDestroy: https://phishdestroy.io/domain/moonshot-list.app/
- LLM endpoint: https://phishdestroy.io/domain/moonshot-list.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/moonshot-list.app/
Last updated: 2026-03-22