# bacotspace.netlify.app — SUSPICIOUS > bacotspace.netlify.app is a live credential harvester impersonating a legitimate service, currently undetected by 95 scanners per VirusTotal. ## Summary PhishDestroy identifies bacotspace.netlify.app as an active credential harvesting domain currently under investigation for mimicking legitimate login portals. The threat actor exploits the Netlify platform’s reputation to host spoofed pages designed to trick users into surrendering sensitive credentials under the guise of a trusted service. Technical analysis reveals the domain resolves to IP 63.176.8.218 and leverages a DigiCert Inc SSL certificate to enhance authenticity, while independent scanning shows zero detections across 95 VirusTotal engines—a concerning indicator that this campaign remains nascent and undetected by mainstream defenses. This domain poses a high-risk spear-phishing threat centered on real-time data exfiltration. Evidence shows it was registered through Netlify, a reputable hosting provider, which attackers abuse to bypass traditional domain-blocking mechanisms. The combination of low detection rates (0/95 on VirusTotal), use of a valid SSL certificate, and hosting on a trusted CDN infrastructure increases the likelihood of successful user deception. Attackers typically distribute links via email, social media, or in-app messages, capitalizing on the domain’s temporary legitimacy to harvest usernames, passwords, and multi-factor authentication codes. Users who visited bacotspace.netlify.app should immediately revoke any entered credentials, enable account recovery procedures, and review linked accounts for unauthorized access. Change passwords on all potentially exposed services, especially those shared across multiple platforms. Monitor financial accounts and enable login alerts. Report the domain to your IT team or through platforms like Google Safe Browsing or PhishDestroy. Avoid re-visiting the site, as even a cursory interaction could trigger persistent tracking or further malicious payloads. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Netlify - IP: 63.176.8.218 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/bacotspace.netlify.app - PhishDestroy: https://phishdestroy.io/domain/bacotspace.netlify.app/ - LLM endpoint: https://phishdestroy.io/domain/bacotspace.netlify.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bacotspace.netlify.app/ Last updated: 2026-04-03