Phishing site — do not log in
Flagged on major browser safety blocklists as social engineering. This page looks designed to steal credentials. Don't log in — and if you already did, change the password anywhere you reused it and turn on two-factor authentication.
Is immuai.live legit or a scam?
Fake Immunefi airdrop phishing site on a 6-day-old typosquat domain flagged for social engineering and wallet scams.
These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.
Analysis Summary
MT Intelligence
The site presents itself as an airdrop claim page for a token called $IAI but is a direct clone and typosquat of the legitimate immunai.com biotech site. Browser blocklists have already flagged it for social engineering, and independent reports confirm it pushes fake Immunefi phishing campaigns. The domain was registered only six days ago through a registrar frequently linked to scam infrastructure. Visual checks show a 403 error page, which is common when the scam content is served conditionally or blocked in some regions. These signals together indicate a high-risk impersonation campaign rather than any legitimate project.
Website Preview
Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.
Visual Screenshot Analysis
We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.
No scam visual patterns detected
Standard 403 Forbidden server error page with no scam indicators or suspicious elements visible.
Web Research Findings
Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for immuai.live, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.
- Domain immuai.live registered May 18, 2026 (6-7 days old) via NICENIC INTERNATIONAL GROUP CO., LIMITED
- Homepage content: "$IAI Airdrop - The airdrop of $IAI is here! The claims for IAI are officially LIVE ! Connect your wallet, check your allocation and claim your tokens."
- Flagged by PhishDestroy as fake Immunefi phishing / airdrop scam; 3/95 VirusTotal detections; listed in 3 blocklists (MetaMask, PhishDestroy, SEAL)
- Listed as IOC on ThreatFox (abuse.ch) for domain:immuai.live
- Registrar NiceNIC noted in reports for high association with scam domains (>90% illegal content per PhishDestroy analysis)
- Resolves to Cloudflare IPs; HTTP 403 on some checks; no backlinks or established history per Ahrefs/others
Name closely matches Immunai (biotech AI company at immunai.com); site promotes fake $IAI airdrop impersonating Immunefi bug bounty platform
PhishDestroy reports confirm immuai.live is actively used for fake Immunefi phishing and airdrop scams. The same source notes the domain was registered only days ago and highlights the registrar's frequent involvement with malicious sites. No positive reviews or legitimate business records were located.
Scam Network Intelligence
Antivirus Engines
Security Scans
Detected threat categories: SOCIAL_ENGINEERING.
Domain & Encryption
Server Reputation
Scam-Type Likelihood
4 scam-type patterns detected
0 of 13 categories showed signals
We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.
- Domain is a typosquat of immunai.com.
- Google Safe Browsing flagged this as social engineering / phishing.
- AI analyst tagged this as phishing.
- AI analyst tagged this as crypto fraud / wallet-drainer.
- AI analyst tagged this as an airdrop / drainer.
- Domain is a typosquat of immunai.com.
- Clustered with known brand-impersonation infrastructure.
- AI analyst tagged this as a giveaway / airdrop / lottery scam.
0 of 13 categories showed signals
We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.
- Domain is a typosquat of immunai.com.
- Google Safe Browsing flagged this as social engineering / phishing.
- AI analyst tagged this as phishing.
- AI analyst tagged this as crypto fraud / wallet-drainer.
- AI analyst tagged this as an airdrop / drainer.
- Domain is a typosquat of immunai.com.
- Clustered with known brand-impersonation infrastructure.
- AI analyst tagged this as a giveaway / airdrop / lottery scam.
Phishing site — act fast
This page shows signs of attempting to steal credentials or impersonate a trusted brand.
- Do not interact with immuai.live
Do not enter credentials, deposit money, download files, or install browser extensions from this site.
- If you already typed your password — change it now
Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.
- OpenReport the phishing URL
APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.
- OpenGet help on the forum
MalwareTips members can help you assess damage and next steps.
Reputation Sources
How this domain rates across independent threat-intelligence and blocklist providers.
Safety FAQ
Common questions about this site, answered from the scan data on this page. These are auto-generated — not hand-written — so they always match the underlying report.
- Our automated security review flags immuai.live as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
- No — immuai.live scored 8/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
- Yes. immuai.live presents a valid TLSv1.3 certificate issued by Let's Encrypt · E7, expiring in 83 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
- immuai.live is 6 days old, registered on 5/18/2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
- 1 out of 92 antivirus engines in our malware network flagged immuai.live as malicious or suspicious. Even one detection is a meaningful signal.
- Yes. The major browser blocklist feeds flagged immuai.live with the following threat categories: SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.
- immuai.live resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
- We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.
Final Verdict
This is a fake $IAI airdrop phishing site impersonating Immunai and Immunefi. Our verdict is malicious because the domain is only 6 days old, carries social-engineering blocklist flags, and is confirmed as a clone promoting wallet-draining scams.
Other Dangerous reports
User reviews & comments(0)
Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.