# alliai.org — SUSPICIOUS

> Beware of alliai.org, a medium-risk phishing site impersonating Arbitrum. Avoid sharing personal info and verify official sources before acting.

## Summary
PhishDestroy identifies alliai.org as a medium-risk domain involved in brand impersonation targeting Arbitrum users. The site aimed to lure victims with fake claims of rewards for active wallets.

The domain was created on February 21, 2026, registered via Sav.com, LLC, and resolved to IP 172.67.204.56. It appeared on four security blocklists and was flagged by three VirusTotal vendors. AlienVault OTX also associated it with threat intelligence.

Currently, alliai.org is offline, reducing immediate risk. Users should remain cautious, avoid interacting with suspicious sites, and always verify offers through official Arbitrum channels to prevent phishing attacks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Target brand: Arbitrum
- Page title: Claim Your Share of the Arbitrum Ecosystem | Up to $25,000 for Active Wallets

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2026-09-22 00:00:00
- Registrar: Sav.com, LLC
- Country: US
- IP: 172.67.204.56
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["everton.ns.cloudflare.com", "magdalena.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["Certego", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bf118-caf0-77fe-aa3c-0c9274bd22ab.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/92a9407d-f809-4883-9a4c-edcd1369f91b
- Wayback Machine: https://web.archive.org/web/https://alliai.org
- PhishDestroy: https://phishdestroy.io/domain/alliai.org/
- LLM endpoint: https://phishdestroy.io/domain/alliai.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/alliai.org/
Last updated: 2026-03-19