cryptofish.xyz Threat Intelligence and Information

Host Location

Screenshot

Dig Results

• Got answer:
• -»HEADER«- opcode: QUERY, status: NOERROR, id: 47732
• flags: qr rd ra QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
• OPT PSEUDOSECTION:
• EDNS: version: 0, flags: udp: 1432
• QUESTION SECTION:
• cryptofish.xyz. IN A
• ANSWER SECTION:
• cryptofish.xyz. 296 IN A 192.0.78.154
• cryptofish.xyz. 296 IN A 192.0.78.239
• Query time: 0 msec
• SERVER: 192.168.1.153(192.168.1.1) (UDP)
• WHEN: Thu Nov 06 00:06:45 UTC 2025
• MSG SIZE rcvd: 75

Whois Data

• Domain Name: CRYPTOFISH.XYZ
• Registry Domain ID: D520003452-CNIC
• Registrar URL: https://www.godaddy.com/
• Updated Date: 2025-02-25T08:47:53.0Z
• Creation Date: 2025-01-17T11:35:42.0Z
• Registry Expiry Date: 2026-01-17T23:59:59.0Z
• Registrar: Go Daddy, LLC
• Registrar IANA ID: 146
• Name Server: NS1.WORDPRESS.COM
• Name Server: NS2.WORDPRESS.COM
• Name Server: NS3.WORDPRESS.COM
• DNSSEC: unsigned
• Registrar Abuse Contact Email: abuse@godaddy.com
• Registrar Abuse Contact Phone: +1.4805058800
• https://www.centralnicregistry.com/support/information/rdap «<
• blacklisted. All data is (c) CentralNic Ltd (https://www.centralnicregistry.com)

SSL Certificate Information

• Certificate:
• Data:
• Version: 3 (0x2)
• Serial Number:
• 05:18:88:e3:19:b3:fa:2c:7b:f3:41:39:58:17:3e:7c:4f:7d
• Signature Algorithm: ecdsa-with-SHA384
• Issuer: C = US, O = Let’s Encrypt, CN = E8
• Validity
• Not Before: Sep 23 04:54:24 2025 GMT
• Not After : Dec 22 04:54:23 2025 GMT
• Subject: CN = tls.automattic.com
• Subject Public Key Info:
• Public Key Algorithm: id-ecPublicKey
• Public-Key: (256 bit)
• pub:
• 04:43:c0:25:02:a2:c9:8d:66:16:99:8d:30:52:7f:
• 1e:77:93:ce:98:ca:79:52:0d:4c:02:a8:99:5c:d2:
• 6a:d4:8f:a7:aa:c1:12:d1:d6:2a:e4:e3:de:ae:1e:
• d7:b2:95:37:1e:29:64:21:41:da:c3:19:b8:05:58:
• 51:3b:b8:20:36
• ASN1 OID: prime256v1
• NIST CURVE: P-256
• X509v3 extensions:
• X509v3 Key Usage: critical
• Digital Signature
• X509v3 Extended Key Usage:
• TLS Web Server Authentication, TLS Web Client Authentication
• X509v3 Basic Constraints: critical
• CA:FALSE
• X509v3 Subject Key Identifier:
• 26:76:E6:6C:F0:A2:8B:26:A1:F1:DC:52:06:29:C4:0E:8E:12:8D:B6
• X509v3 Authority Key Identifier:
• 8F:0D:13:A2:F6:2E:7E:D1:50:6C:33:18:38:5D:59:8E:23:72:91:CA
• Authority Information Access:
• CA Issuers - URI:http://e8.i.lencr.org/
• X509v3 Subject Alternative Name:
• DNS:amazonarabe.code.blog, DNS:balloonsbylaura.com, DNS:bca.movie.blog, DNS:bluerockmanufacturing.com, DNS:boudoirbygemwright.co.uk, DNS:chillerbath.blog, DNS:cryptofish.xyz, DNS:dofu.work, DNS:druganddeviceworld.com, DNS:franksmithwfes123movies.movie.blog, DNS:happystore.fashion.blog, DNS:isabelafreundlieb.com, DNS:metaifbbpro.com, DNS:mff.code.blog, DNS:muhammedbakisumer.com, DNS:mykeydesigns.com, DNS:myteachmate.co.uk, DNS:n-tise.de, DNS:nicholasmarten.org, DNS:norgrenpackexpo.com, DNS:rasbby.music.blog, DNS:tls.automattic.com, DNS:tradefundexchange.finance.blog, DNS:www.amazonarabe.code.blog, DNS:www.bernardrion.fr, DNS:www.boudoirbygemwright.co.uk, DNS:www.cameronjohnsonbryl123movies.movie.blog, DNS:www.chillerbath.blog, DNS:www.cryptofish.xyz, DNS:www.derechotributariolegal.law.blog, DNS:www.dofu.work, DNS:www.druganddeviceworld.com, DNS:www.franksmithwfes123movies.movie.blog, DNS:www.gameraqui.game.blog, DNS:www.happystore.fashion.blog, DNS:www.insight.jobins.jp, DNS:www.isabelafreundlieb.com, DNS:www.karlsblog6.blog, DNS:www.mff.code.blog, DNS:www.mikehsu.blog, DNS:www.muhammedbakisumer.com, DNS:www.mykeydesigns.com, DNS:www.myteachmate.co.uk, DNS:www.nicholasmarten.org, DNS:www.norgrenpackexpo.com, DNS:www.rasbby.music.blog, DNS:www.rostiotb.music.blog, DNS:www.sujalsingh.music.blog, DNS:www.tradefundexchange.finance.blog, DNS:www.youwinner.fashion.blog, DNS:youwinner.fashion.blog
• X509v3 Certificate Policies:
• Policy: 2.23.140.1.2.1
• X509v3 CRL Distribution Points:
• Full Name:
• URI:http://e8.c.lencr.org/126.crl
• CT Precertificate SCTs:
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
• 26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
• Timestamp : Sep 23 05:52:54.690 2025 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:46:02:21:00:E9:CD:A2:EB:8F:3D:6D:0A:DD:1E:72:
• D8:5E:80:0F:1E:6B:6A:61:F6:29:BA:3A:A7:E3:48:FC:
• 54:AA:C8:AD:D0:02:21:00:C0:E4:BF:2C:14:9C:01:EC:
• 76:D0:B3:A7:33:F8:E6:70:99:CF:DE:E9:B8:E6:58:F8:
• 6D:94:EC:2A:1D:07:20:E3
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
• F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
• Timestamp : Sep 23 05:52:54.693 2025 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:46:02:21:00:BF:2D:7B:4C:63:DA:79:F4:1B:A7:DC:
• C8:13:3A:84:D5:B7:25:35:BC:06:A8:D3:1C:A7:FF:25:
• 0D:1D:88:C5:D5:02:21:00:AB:72:F6:69:7D:73:4E:F3:
• 73:82:FF:C2:BF:ED:A8:48:43:25:C8:4D:68:A0:BE:84:
• 92:C2:83:26:CF:CB:BF:1A
• Signature Algorithm: ecdsa-with-SHA384
• Signature Value:
• 30:66:02:31:00:d6:23:4d:d2:c3:f8:c7:44:90:72:e3:c9:17:
• ce:80:2a:f3:bb:b3:11:26:91:54:78:e5:35:2e:45:63:64:72:
• ae:f9:58:46:8e:81:f2:19:6f:a0:d6:af:4b:77:35:99:0b:02:
• 31:00:87:d5:51:24:87:08:b0:7f:a6:79:05:9f:ae:e5:1c:64:
• 71:07:ab:3c:da:50:35:17:36:2b:83:8c:5a:d7:e4:f4:23:72:
• 82:a1:a0:c9:3b:c4:4d:2f:bf:c6:be:4c:43:e5

Additional Links

*** Virustotal ***

*** WayBackMachine ***