# glowspin.digital — MALICIOUS

> Glowspin.digital poses a high-risk crypto draining threat impersonating Facebook Pixel. Stay alert and avoid interaction with this domain.

## Summary
PhishDestroy identifies glowspin.digital as a high-risk malicious domain involved in crypto draining activities. This site masquerades as the Facebook Pixel service to deceive users, presenting itself as "Glowspin: Most Popular Online Crypto Casino Based on Blockchain" to lure victims into compromising their cryptocurrency assets.

The domain resolved to IP address 188.114.96.3 and was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on January 18, 2026. Despite being flagged by 19 out of 95 security vendors and appearing on one security blocklist, the domain is currently offline. Its infrastructure and branding tactics indicate a focused attempt to exploit blockchain and cryptocurrency users.

Users are advised to exercise caution and avoid visiting glowspin.digital or interacting with any links or content associated with it. Security professionals should ensure this domain remains blocked on networks and educate users on identifying impersonation tactics, particularly those targeting popular digital marketing tools like Facebook Pixel.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Kit: Gambler Scam
- Page title: Glowspin: Most Popular Online Crypto Casino Based on Blockchain

## Domain Intelligence
- Registered: 2026-01-18 16:00:00
- Expires: 2027-01-18 00:00:00
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["may.ns.cloudflare.com", "woz.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "Bfore.Ai PreCrime", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "Seclookup", "SOCRadar", "Sophos", "Trustwave", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bef72-50d9-7064-adf9-2fc057a22791.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4c4469d8-6a66-4820-adc2-e2d41e3ee08e
- Wayback Machine: https://web.archive.org/web/https://glowspin.digital
- PhishDestroy: https://phishdestroy.io/domain/glowspin.digital/
- LLM endpoint: https://phishdestroy.io/domain/glowspin.digital/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/glowspin.digital/
Last updated: 2026-03-19