# heavendex.info — SUSPICIOUS

> PhishDestroy flags heavendex.info as an active Aave brand impersonation domain. Only 0/95 VirusTotal vendors detected it—check the full report.

## Summary
PhishDestroy identifies heavendex.info as an active domain engaged in brand impersonation targeting Aave, a leading decentralized finance protocol. The domain is currently under investigation and remains active as of the latest assessment.

This domain was flagged by 0 of 95 VirusTotal security vendors, indicating a low detection rate despite its malicious intent. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, resolves to IP address 104.21.74.116, and utilizes a Let's Encrypt SSL certificate. The domain was created on April 10, 2026, and remains unlisted on reputable blocklists. Trust scores for this domain remain critically low due to the absence of widespread detection and its recent registration date.

The current status of heavendex.info is active and under investigation, posing a potential risk to users seeking Aave-related services. Users are strongly advised to avoid interacting with this domain or any associated links. If you have recently engaged with heavendex.info, review your credentials and transactions for signs of compromise. Report any suspicious activity to Aave's official support channels and update your security tools to detect emerging threats. Exercise heightened caution with domains related to decentralized finance protocols and verify URLs through official channels before proceeding.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Aave

## Domain Intelligence
- Registered: 2026-04-10 15:03:00
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.74.116

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/heavendex.info
- PhishDestroy: https://phishdestroy.io/domain/heavendex.info/
- LLM endpoint: https://phishdestroy.io/domain/heavendex.info/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/heavendex.info/
Last updated: 2026-04-10