# moonveil.click — SUSPICIOUS > Caution advised: moonveil.click is linked to phishing activity. Domain is offline but previously appeared on multiple blocklists. Avoid interaction. ## Summary PhishDestroy identifies moonveil.click as a low-risk, generic phishing domain. Its classification stems from suspicious activity aimed at deceiving users into revealing sensitive information. While the threat level is considered low, caution remains warranted due to its phishing nature. The domain was created on February 21, 2026, and is registered through a now-defunct registrar, referred to as a 'Dead domain.' VirusTotal analysis shows that only one out of 95 security vendors flagged it, indicating limited detection but not a lack of risk. Moonveil.click has appeared on seven distinct security blocklists, which supports the assessment of its malicious intent. The domain is currently offline, suggesting it is no longer active or has been taken down by authorities or hosting providers. Given the current offline status and low detection rate, immediate risk to users is minimal. However, users and administrators should remain vigilant and avoid interacting with moonveil.click or links associated with it. Organizations can mitigate potential exposure by maintaining updated blocklists and employing robust email and web filtering. Continuous monitoring of similar domains is recommended to detect any resurgence or new related threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: alive (HTTP 530) - Page title: $MORE Airdrop ## Domain Intelligence - Registered: 2026-02-21 07:01:08 - Registrar: Dead domain - IP: 172.67.190.222 - SSL Issuer: WE1 ## Detection Status - VirusTotal: 1 vendors flagged Vendors: ["alphaMountain.ai"] - Google Safe Browsing: clean - Blocklists: 7 hits Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "Polkadot", "SEAL", "Enkrypt", "Codeesura"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019854f7-74c1-740d-b30e-2d79c82af1a7.png - PhishDestroy: https://phishdestroy.io/domain/moonveil.click/ - LLM endpoint: https://phishdestroy.io/domain/moonveil.click/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/moonveil.click/ Last updated: 2026-03-17