# aintivirs-migrate.live — SUSPICIOUS > PhishDestroy identifies aintivirs-migrate.live as a phishing site mimicking antivirus tools. Flagged by 0 of 95 VirusTotal vendors, this domain resolves to 104. ## Summary PhishDestroy identifies aintivirs-migrate.live as a generic phishing site under active investigation, currently posing as a migration page for antivirus software users. The domain is flagged as a threat with a status of 'active', indicating ongoing malicious activity. No specific brand is confirmed at this stage, but the naming suggests a direct impersonation of antivirus services, likely aiming to deceive users into downloading malicious software or revealing sensitive credentials. This domain was flagged by 0 of 95 VirusTotal vendors, operates through OwnRegistrar, Inc., resolves to IP address 104.21.76.51, and was registered on April 08, 2026. With no blocklist detections yet, the domain’s low trust profile compounds the risk, as it leverages Let's Encrypt for an SSL certificate to appear legitimate. The recent creation date and lack of detections make it a high-risk vector for unsuspecting users, especially those seeking antivirus solutions. As the investigation continues, users are strongly advised to avoid interacting with aintivirs-migrate.live and report the domain to their security teams or platforms like PhishDestroy. Blocklist integration is pending, but proactive measures—such as DNS filtering and endpoint protection updates—can mitigate exposure. Organizations should monitor for connections to 104.21.76.51 and inspect internal logs for related traffic. Immediate action is critical to prevent credential theft or malware deployment. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-08 14:50:05 - Registrar: OwnRegistrar, Inc. - IP: 104.21.76.51 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/aintivirs-migrate.live - PhishDestroy: https://phishdestroy.io/domain/aintivirs-migrate.live/ - LLM endpoint: https://phishdestroy.io/domain/aintivirs-migrate.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/aintivirs-migrate.live/ Last updated: 2026-04-08