# ouyi.clinic — SUSPICIOUS > ouyi.clinic impersonates a medical clinic in a generic phishing scam. Domain created Nov 28 2023, 0/95 VirusTotal detections. Never share personal data here. ## Summary PhishDestroy identifies ouyi.clinic as a recently activated generic phishing domain that masquerades as a medical clinic to harvest sensitive credentials and payment details from unsuspecting visitors. The site’s low footprint—no VirusTotal detections (0/95 engines) on IP 54.215.31.113—does not imply safety; rather it reflects the domain’s novelty and the attackers’ use of fresh infrastructure to evade blocklists. Registrant opacity through Dynadot Inc and a Let’s Encrypt certificate further lower immediate detection while increasing believability for victims seeking medical services online. Technical indicators show the domain was registered on November 28, 2023, giving it less than one month of operational history. The hosting IP 54.215.31.113 is shared among multiple low-reputation sites, increasing the likelihood of malicious co-tenancy. Despite zero antivirus flags on VirusTotal as of the latest scan, the absence of detections is not proof of legitimacy; rather it signals a “clean” window that threat actors exploit before security vendors catch up. Registrar Dynadot Inc offers privacy services that can obscure ownership, making attribution and takedown harder for defenders. Users who visited ouyi.clinic should immediately cease any data entry, check browser extensions for unauthorized changes, and run a reputable antivirus scan. If credentials or payment details were entered, rotate passwords immediately and monitor financial accounts for fraudulent transactions. Report the domain to your email provider and credit monitoring services, and avoid clicking any links or downloading files from the site. Consider using a dedicated credit card with low limits for online medical purchases to limit exposure. Forward phishing URLs to your organization’s security team or to national reporting bodies such as the FBI IC3 or local cybercrime units for investigation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2023-11-28 21:45:03 - Registrar: Dynadot Inc - IP: 54.215.31.113 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/33fdcfb5-0cde-49ef-91dc-a6d6eef2390e - PhishDestroy: https://phishdestroy.io/domain/ouyi.clinic/ - LLM endpoint: https://phishdestroy.io/domain/ouyi.clinic/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ouyi.clinic/ Last updated: 2026-03-24