# usoil.live — SUSPICIOUS

> USOIL.live mimics oil trading sites to steal logins—phishing kit detected. Check the full report. VirusTotal 0/95 detections.

## Summary
PhishDestroy identifies USOIL.live as an active phishing domain posing as a legitimate oil-trading portal with the explicit goal of harvesting user credentials and financial data. This domain employs a generic phishing kit aimed at mimicking reputable energy-sector platforms, creating a convincing facade to trick visitors into entering sensitive information such as usernames, passwords, and payment details. The threat is classified as credential-harvesting phishing due to its targeted deception within the energy commodities niche.  

This domain was flagged with a risk level of under_investigation and shows zero detections on VirusTotal out of 95 security engines as of seed 918346. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar known for high-volume, low-friction domain registrations that are frequently exploited in phishing campaigns. The domain resolves to IP address 188.114.96.3, which is associated with a cluster of suspicious domains hosted on a shared infrastructure often linked to low-trust or newly allocated resources. The SSL certificate is issued by Let's Encrypt, indicating valid HTTPS encryption but not confirming legitimacy. The domain was created on April 01, 2026, demonstrating a very recent registration—an alarming indicator often used to evade historical reputation-based detection systems. There are no current entries on major blocklists such as Google Safe Browsing, PhishTank, or OpenPhish at the time of assessment.  

To mitigate the risk from USOIL.live, users are strongly advised to avoid visiting the site entirely. If credentials or financial information were entered, immediately change passwords on all related accounts, enable multi-factor authentication, and monitor accounts for unauthorized transactions. Organizations should block access to the domain and IP 188.114.96.3 at the network perimeter. Consider reporting the domain to your email provider, browser security teams, and phishing intelligence platforms. Always verify URLs through official sources and be skeptical of recently created domains offering financial or commodity-related services, especially those relying on newly issued SSL certificates.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-01 08:26:28
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/246b5ae6-46b3-44d8-8308-0fce65139c1b
- PhishDestroy: https://phishdestroy.io/domain/usoil.live/
- LLM endpoint: https://phishdestroy.io/domain/usoil.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/usoil.live/
Last updated: 2026-04-01