# kabiwex.com — SUSPICIOUS > PhishDestroy identifies kabiwex.com as a credential theft phishing domain with 0/95 VirusTotal detections. ## Summary PhishDestroy has identified kabiwex.com as an active credential theft domain purporting to harvest user credentials under false pretenses. This domain employs generic phishing tactics to deceive visitors into surrendering sensitive login information, potentially facilitating unauthorized access to accounts or financial assets. Current forensic analysis does not indicate the use of a crypto drainer kit or direct brand impersonation; however, the domain's infrastructure suggests a focus on credential harvesting for subsequent exploitation. This domain was flagged for credential theft activities, resolving to IP address 188.114.96.3 with a VirusTotal detection score of 0 out of 95. Registered through Hello Internet Corp on February 22, 2026, the domain employs a Let's Encrypt SSL certificate to enhance its legitimacy. As of this report, kabiwex.com has not been identified on Google Safe Browsing (GSB) blocklists, though it remains unlisted across most threat intelligence platforms, indicating a potentially emerging threat. Kabiwex.com remains active and under investigation with a 'medium-risk' designation pending deeper analysis. Users are strongly advised to avoid interacting with this domain and report any suspicious encounters. Organizations should implement network-level blocking for IP 188.114.96.3 and domain kabiwex.com to mitigate potential credential theft risks. Remaining risk is classified as evolving, with potential for escalation if additional intelligence surfaces. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-22 18:11:02 - Registrar: Hello Internet Corp - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/kabiwex.com - PhishDestroy: https://phishdestroy.io/domain/kabiwex.com/ - LLM endpoint: https://phishdestroy.io/domain/kabiwex.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/kabiwex.com/ Last updated: 2026-04-04