# midtrans.com — SUSPICIOUS > midtrans.com is flagged for credential theft phishing impersonating the Indonesian payment gateway. VirusTotal reports 0/95 detections. ## Summary PhishDestroy identifies midtrans.com as an active credential theft campaign masquerading as Indonesia’s leading payment processor. The domain resolves to 104.26.14.196, a server with no VirusTotal detections, and leverages a Google Trust Services SSL certificate to appear legitimate. Threat actors are likely harvesting login credentials to drain payment accounts or resell access on dark-web markets. This domain was flagged via seed 7b0430 and shows a clean 0/95 on VirusTotal, despite active abuse. It was registered through NAMECHEAP INC on May 30, 2000—indicating long-term ownership rather than a recent bulk acquisition—suggesting sustained operation. The absence of blocklist flags highlights a window of opportunity for criminals before detection systems catch up. If you visited midtrans.com and entered any credentials or payment details, revoke access in your bank or wallet immediately and change passwords on all related accounts. Run a full antivirus scan and monitor financial statements for unauthorized transactions. Report the domain to your email provider and consider enabling two-factor authentication on all linked payment services. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2000-05-30 21:44:21 - Registrar: NAMECHEAP INC - IP: 104.26.14.196 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/3bdaac49-f9a6-4e46-9ff2-133deeaaea2b - PhishDestroy: https://phishdestroy.io/domain/midtrans.com/ - LLM endpoint: https://phishdestroy.io/domain/midtrans.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/midtrans.com/ Last updated: 2026-03-25