# scientiaskin.com — MALICIOUS

> scientiaskin.com is flagged for phishing and currently offline. Avoid interacting with it to protect your data from fraud attempts.

## Summary
PhishDestroy identifies scientiaskin.com as a high-risk phishing domain impersonating Shopee, a popular e-commerce platform. This threat is significant because phishing campaigns exploiting trusted brands like Shopee can deceive users into revealing sensitive information such as login credentials and payment details, leading to financial loss and identity theft.

The domain scientiaskin.com was registered recently on February 21, 2026, through Gname.com Pte. Ltd. It resolved to IP address 188.114.97.3 and was flagged by 17 out of 95 VirusTotal security vendors. Additionally, it appeared on at least one security blocklist before being taken offline. These indicators confirm that the infrastructure was actively used for malicious activity before its current offline status.

Users should avoid visiting scientiaskin.com and refrain from interacting with any communications referencing this domain. Given its association with phishing attempts targeting Shopee customers, users are advised to verify URLs carefully, enable multi-factor authentication on their accounts, and report suspicious emails or links to Shopee or their email provider. Maintaining vigilance helps prevent falling victim to credential theft and fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Shopee

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2027-01-19 00:00:00
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: morgan.ns.cloudflare.com reza.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 17 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Cluster25", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bead2-426a-7726-87e1-60b504f70527.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8f04fbad-232c-4c78-af55-1f55839ba0ef
- PhishDestroy: https://phishdestroy.io/domain/scientiaskin.com/
- LLM endpoint: https://phishdestroy.io/domain/scientiaskin.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/scientiaskin.com/
Last updated: 2026-03-19