# oxidefai.com — SUSPICIOUS

> oxidefai.com mimics AI Trading with a crypto drainer kit. VT score 0/95, registered Sept 16 2025. Avoid this domain—verify with PhishDestroy immediately.

## Summary
PhishDestroy identifies oxidefai.com as an active generic phishing domain impersonating AI Trading services, suspected to host a crypto drainer kit designed to siphon cryptocurrency assets. The page, titled OxideFAI – AI Trading, leverages a deceptive front-end built with Bootstrap, Material Design Lite, Leaflet, and particles.js, suggesting a polished but malicious interface. The backend operates on a Microsoft ASP.NET stack hosted via IIS on a Windows Server, with SSL provided by Let’s Encrypt, indicating an attempt to appear legitimate while concealing malicious intent.


Technical indicators reveal a highly evasive setup: oxidefai.com boasts a current VirusTotal detection score of 0/95, remains unflagged by Google Safe Browsing, and shows no presence on major blocklists despite its recent creation on September 16, 2025. The domain is registered through Ultahost, Inc. and resolves to IP address 212.224.107.10, which has not yet been widely blacklisted. This combination of fresh registration, low detection rates, and sophisticated front-end frameworks highlights a deliberate effort to evade early-stage detection mechanisms.


Currently, oxidefai.com remains active and under investigation, with no immediate takedown action reported. Users are advised to avoid interaction and verify any AI Trading-related links using PhishDestroy’s verification tools. While the immediate risk is classified as under investigation, the lack of current detections suggests potential for rapid escalation. Remaining risk hinges on further analysis and blocklist propagation—organizations should monitor for connections to 212.224.107.10 and update network defenses accordingly.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Page title: OxideFAI – AI Trading

## Domain Intelligence
- Registered: 2025-09-16 06:02:32
- Registrar: Ultahost, Inc.
- IP: 212.224.107.10

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/154b2009-0b36-4ac5-9b83-58358a801fe2
- PhishDestroy: https://phishdestroy.io/domain/oxidefai.com/
- LLM endpoint: https://phishdestroy.io/domain/oxidefai.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/oxidefai.com/
Last updated: 2026-03-24