# bahistrendi.com — SUSPICIOUS > bahistrendi.com identified as a credential theft phishing site, flagged by 3 of 95 VirusTotal vendors targeting unsuspecting users. ## Summary PhishDestroy identifies bahistrendi.com as an active credential theft phishing domain currently leveraging brand impersonation tactics to harvest user credentials. The threat remains at an elevated risk level as of the latest assessment, with no signs of takedown or deactivation. Bahistrendi.com exhibits multiple red flags indicative of malicious intent. This domain was registered on April 14, 2022, through GoDaddy.com, LLC, and resolves to IP address 188.114.96.3. Security vendor analysis reveals a concerning detection rate, with 3 of 95 VirusTotal vendors flagging this domain for malicious activity. Despite utilizing a Google Trust Services SSL certificate—often associated with legitimacy—the domain’s recent creation date and sparse online footprint contribute to its high-risk profile. The low trust scores and lack of established reputation further underscore its suspicious nature. The active status of bahistrendi.com demands immediate action to mitigate potential victimization. Users who have encountered this domain are strongly advised to refrain from entering any personal or credential information. Organizations should consider blacklisting this domain and IP address at the network perimeter to prevent access. Additionally, end-users should enable multi-factor authentication on all accounts to reduce the impact of potential credential compromise. Security teams are urged to monitor for any emerging campaigns associated with this domain and report further sightings to relevant threat intelligence platforms. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2022-04-14 09:15:21 - Registrar: GoDaddy.com, LLC - IP: 188.114.96.3 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/70053be6-9d99-4578-8822-2d28d0bceeff - PhishDestroy: https://phishdestroy.io/domain/bahistrendi.com/ - LLM endpoint: https://phishdestroy.io/domain/bahistrendi.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bahistrendi.com/ Last updated: 2026-03-24