# news-moonshot.com — SUSPICIOUS > news-moonshot.com is being used for brand impersonation of Moonshot. With 0/95 detections on VirusTotal, check the full report to assess the threat. ## Summary PhishDestroy identifies news-moonshot.com as an active brand impersonation threat impersonating the legitimate Moonshot brand. This deceptive domain leverages the recognizable name to mislead users into believing it is an official or affiliated service, a tactic commonly used in phishing campaigns to harvest credentials or distribute malware. The site currently exhibits low detection rates despite its malicious intent, with VirusTotal showing 0 positive detections out of 95 scans at the time of investigation. This low detection rate suggests the domain may be newly active or employing evasion techniques to avoid immediate flagging by security vendors, necessitating heightened scrutiny from users and researchers alike. This domain was flagged during routine threat intelligence monitoring and exhibits multiple red flags indicative of malicious activity. It resolves to IP address 216.150.16.193, a server associated with suspicious hosting behavior. The domain was registered through Realtime Register B.V. on March 23, 2026, a notably recent creation date that often correlates with malicious intent as threat actors favor newly registered domains for short-lived operations. The presence of a Let's Encrypt SSL certificate further enhances its legitimacy in the eyes of unsuspecting users, a common tactic to bypass browser warnings. As of this report, the domain has not been listed on any major blocklists, and no trust scores are available due to its recent creation, emphasizing the need for proactive blocking and monitoring to prevent potential compromise. The absence of detections on VirusTotal, despite its malicious nature, underscores the importance of real-time threat intelligence and user vigilance. Immediate mitigation steps are recommended for users and organizations encountering this domain. Block network-level access to news-moonshot.com and its associated IP address 216.150.16.193 to prevent user exposure and potential data compromise. Since the domain impersonates the Moonshot brand, notify users via secure channels about the existence of this impersonation and provide guidance on verifying official communications from Moonshot through known, trusted domains and channels. Additionally, report this domain to security vendors and blocklists such as URLVoid, Google Safe Browsing, and PhishTank to enhance collective defense mechanisms. Educate users to scrutinize unsolicited links and verify the legitimacy of websites, especially those requesting login credentials or sensitive information, to reduce the risk of falling victim to this brand impersonation campaign. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Moonshot ## Domain Intelligence - Registered: 2026-03-23 17:12:13 - Registrar: Realtime Register B.V. - IP: 216.150.16.193 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/db29b6db-f0bf-4aa4-a3f0-478db4dd0ff0 - PhishDestroy: https://phishdestroy.io/domain/news-moonshot.com/ - LLM endpoint: https://phishdestroy.io/domain/news-moonshot.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/news-moonshot.com/ Last updated: 2026-03-23