# qibabestore.digital — MALICIOUS

> qibabestore.digital is a high-risk phishing site linked to TwisProfit scams. Avoid interaction; the domain is now offline for safety.

## Summary
PhishDestroy identifies qibabestore.digital as a high-risk phishing domain that was actively used to deceive users. The domain, created in early 2026, posed a significant threat by impersonating legitimate online services to steal sensitive information. Although the site is currently offline, it was flagged on multiple security blocklists and detected by various threat intelligence systems, underscoring its malicious intent.

This phishing campaign operated by masquerading under the page title 'TwisProfit,' likely to lure victims into providing confidential data such as login credentials or financial details. The domain resolved to an IP address with a suspicious history and was registered via a common domain registrar often used by malicious actors. Such campaigns typically rely on social engineering techniques to trick users into trusting the fraudulent site.

If you have visited qibabestore.digital, it is crucial to immediately check your accounts for unauthorized activity and change any passwords that might have been compromised. Avoid clicking on any links or downloading content from similar suspicious domains. Users are also advised to keep their security software updated and report any suspicious emails or sites to their IT or security team to help prevent further exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: TwisProfit

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2026-09-18 00:00:00
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: bowen.ns.cloudflare.com fiona.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 20 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "Cluster25", "CyRadar", "DNS8", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bead0-a627-75bd-b7d4-a4ec591c9882.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/24bb059b-dfb8-439f-8f45-a15daaa18bc4
- PhishDestroy: https://phishdestroy.io/domain/qibabestore.digital/
- LLM endpoint: https://phishdestroy.io/domain/qibabestore.digital/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/qibabestore.digital/
Last updated: 2026-03-19