# aavue.cc — SUSPICIOUS

> aavue.cc was identified as a medium-risk phishing site. Stay vigilant and avoid this domain to protect your personal info from potential scams.

## Summary
PhishDestroy has identified aavue.cc as a generic phishing threat with a medium risk level. The domain was created recently on February 21, 2026, and was used to potentially deceive users into divulging sensitive information. While the exact phishing scheme is unclear, the domain's association with phishing activities warrants caution.

The domain aavue.cc was registered through NiceNIC International Group Co., Limited and resolved to IP address 172.67.138.196. Although only 3 out of 95 security vendors flagged the domain on VirusTotal, it appeared on three separate security blocklists, indicating suspicious activity. Currently, visitors to the domain encounter a "521: Web server is down" message, suggesting the site is no longer operational.

Given the current offline status of aavue.cc, users are advised to avoid interacting with this domain or any suspicious links related to it. PhishDestroy recommends maintaining updated security software and exercising caution when receiving unsolicited communications directing to unknown websites. Monitoring for any resurgence or related domains is also advisable to prevent exposure to potential phishing scams.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: aavue.cc | 521: Web server is down

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.138.196
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["greg.ns.cloudflare.com", "melody.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["alphaMountain.ai", "Forcepoint ThreatSeeker", "Fortinet"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019908ae-5217-7012-886a-566dfbbed7bd.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/991fb827-0a99-449c-a019-12742c4c1de2
- PhishDestroy: https://phishdestroy.io/domain/aavue.cc/
- LLM endpoint: https://phishdestroy.io/domain/aavue.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/aavue.cc/
Last updated: 2026-03-19