# rumahotp.com — SUSPICIOUS

> rumahotp.com masquerades as an OTP verification service but lures users into sharing sensitive data. Flagged by 0 of 95 VirusTotal vendors—block with IP 104.21.

## Summary
PhishDestroy identifies rumahotp.com as an active generic phishing domain currently under investigation. This domain impersonates a legitimate Indonesian OTP verification service, specifically targeting users seeking virtual number solutions or API-based OTP validation.


The domain rumahotp.com, registered through Hostinger operations UAB, presents elevated risk indicators. Flagged by 0 of 95 VirusTotal vendors with no current blocklist presence, it resolves to IP address 104.21.8.178 and utilizes a Google Trust Services SSL certificate. The domain was created on April 28, 2025, and currently hosts a page titled 'RumahOTP - Layanan Nomor Virtual & API untuk Verifikasi OTP | Mulai Rp1.000/number,' closely mimicking authentic Indonesian OTP services.


While technical analysis remains ongoing, the absence of detection on major threat intelligence platforms suggests this may be a newly deployed or evolving threat. Users are strongly advised to block access to rumahotp.com and avoid interacting with any pages requesting OTP-related verification. Security teams should monitor for related infrastructure, particularly IP 104.21.8.178 and SSL certificate fingerprints associated with Google Trust Services. Immediate implementation of domain blocking and user awareness alerts is recommended to mitigate potential credential harvesting or fraudulent transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Page title: RumahOTP - Layanan Nomor Virtual & API untuk Verifikasi OTP | Mulai Rp1.000/number

## Domain Intelligence
- Registered: 2025-04-28 16:42:45
- Registrar: HOSTINGER operations, UAB
- IP: 104.21.8.178

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6d2c09c4-5cbe-487f-b80b-fc9283fc070d
- PhishDestroy: https://phishdestroy.io/domain/rumahotp.com/
- LLM endpoint: https://phishdestroy.io/domain/rumahotp.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rumahotp.com/
Last updated: 2026-03-24