# avaive.cc — MALICIOUS

> Warning: avaive.cc is a medium-risk phishing domain currently offline. Avoid visiting to protect your personal information and devices.

## Summary
PhishDestroy identifies avaive.cc as a medium-risk generic phishing domain. The site was flagged for hosting deceptive content aimed at stealing sensitive user credentials or personal information. Despite its recent registration in February 2026, the domain attracted suspicion due to malicious activities typical of phishing campaigns.

The domain resolves to IP address 104.21.28.73 and was registered through NiceNIC International Group Co., Limited. VirusTotal analysis shows that 7 out of 95 security vendors have flagged avaive.cc, indicating a moderate detection consensus. The domain appears on one security blocklist, corroborating its association with phishing threats. The page title currently returns a "521: Web server is down" error, reflecting that the hosting server is not operational.

Currently, avaive.cc is taken offline, reducing the immediate risk of exposure to phishing attacks via this domain. Users are advised to remain cautious and avoid attempts to access this or similar suspicious domains. Security teams should continue monitoring for potential reuse or domain resurrection tactics and ensure endpoint defenses are up to date to block any related phishing attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: avaive.cc | 521: Web server is down

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 104.21.28.73
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["adi.ns.cloudflare.com", "fattouche.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["alphaMountain.ai", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/01996211-6a8d-76dc-8d8c-eebe07302f3d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/3b47cd67-53b5-4e32-90a6-41a5f7833eca
- PhishDestroy: https://phishdestroy.io/domain/avaive.cc/
- LLM endpoint: https://phishdestroy.io/domain/avaive.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/avaive.cc/
Last updated: 2026-03-19