phantom-login.com Threat Intelligence and Information

Dig Results

• Got answer:
• -»HEADER«- opcode: QUERY, status: NOERROR, id: 64494
• flags: qr rd ra QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
• OPT PSEUDOSECTION:
• EDNS: version: 0, flags: udp: 1432
• QUESTION SECTION:
• phantom-login.com. IN A
• ANSWER SECTION:
• phantom-login.com. 575 IN A 144.48.57.204
• Query time: 0 msec
• SERVER: 192.168.1.153(192.168.1.1) (UDP)
• WHEN: Sun Apr 12 00:15:45 UTC 2026
• MSG SIZE rcvd: 62

Whois Data

• Domain Name: PHANTOM-LOGIN.COM
• Registry Domain ID: 3081184133_DOMAIN_COM-VRSN
• Registrar URL: http://www.cosmotown.com
• Updated Date: 2026-03-27T02:04:46Z
• Creation Date: 2026-03-27T02:04:46Z
• Registry Expiry Date: 2027-03-27T02:04:46Z
• Registrar: TuringSign Inc. d/b/a Cosmotown
• Registrar IANA ID: 1509
• Registrar Abuse Contact Email: abuse@cosmotown.com
• Registrar Abuse Contact Phone: +1.6504739500
• Name Server: NS1.DOMAINNAMEDNS.COM
• Name Server: NS2.DOMAINNAMEDNS.COM
• DNSSEC: unsigned

SSL Certificate Information

• Certificate:
• Data:
• Version: 3 (0x2)
• Serial Number:
• ae:a3:32:19:33:0a:2a:b7:ea:9a:75:f9:c1:18:86:3a
• Signature Algorithm: ecdsa-with-SHA384
• Issuer: C = AT, O = ZeroSSL, CN = ZeroSSL ECC Domain Secure Site CA
• Validity
• Not Before: Mar 27 00:00:00 2026 GMT
• Not After : Jun 25 23:59:59 2026 GMT
• Subject: CN = phantom-login.com
• Subject Public Key Info:
• Public Key Algorithm: id-ecPublicKey
• Public-Key: (256 bit)
• pub:
• 04:77:44:a8:53:f8:e8:01:ca:6c:0c:92:ca:39:83:
• ba:70:72:b0:99:78:bd:93:bb:9d:31:78:75:6c:bb:
• f4:9f:aa:4f:1c:3b:20:17:21:67:84:3e:f9:fd:36:
• 6b:75:4c:24:e4:5a:51:40:88:cf:d0:64:6e:a4:53:
• 8f:d0:36:34:29
• ASN1 OID: prime256v1
• NIST CURVE: P-256
• X509v3 extensions:
• X509v3 Authority Key Identifier:
• 0F:6B:E6:4B:CE:39:47:AE:F6:7E:90:1E:79:F0:30:91:92:C8:5F:A3
• X509v3 Subject Key Identifier:
• 23:CE:E5:C5:5E:A2:22:1B:2B:E1:92:97:01:B1:A9:40:7D:75:7F:59
• X509v3 Key Usage: critical
• Digital Signature
• X509v3 Basic Constraints: critical
• CA:FALSE
• X509v3 Extended Key Usage:
• TLS Web Server Authentication
• X509v3 Certificate Policies:
• Policy: 1.3.6.1.4.1.6449.1.2.2.78
• CPS: https://sectigo.com/CPS
• Policy: 2.23.140.1.2.1
• Authority Information Access:
• CA Issuers - URI:http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt
• OCSP - URI:http://zerossl.ocsp.sectigo.com
• CT Precertificate SCTs:
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
• DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
• Timestamp : Mar 27 10:56:37.771 2026 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:45:02:21:00:8E:E1:89:F5:01:C3:D1:02:A9:CA:F6:
• E2:40:FC:9A:5D:3C:C2:4B:1A:F1:1D:2D:CC:BD:58:9F:
• 45:13:21:6C:09:02:20:4F:BC:7A:A0:FD:BF:1F:78:17:
• 0A:A9:C7:2D:A1:8A:BB:47:C9:9B:0D:0B:23:E1:36:17:
• 48:54:E3:7B:0F:8F:2C
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 16:83:2D:AB:F0:A9:25:0F:0F:F0:3A:A5:45:FF:C8:BF:
• C8:23:D0:87:4B:F6:04:29:27:F8:E7:1F:33:13:F5:FA
• Timestamp : Mar 27 10:56:37.841 2026 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:45:02:20:45:1A:FB:D2:5C:D7:6C:D0:EA:DB:2E:62:
• 1B:8A:88:EE:3D:D2:27:31:3B:C9:BF:43:92:4D:77:D6:
• 21:B9:56:62:02:21:00:8D:D9:2E:2E:89:93:BD:0A:37:
• 29:9C:57:66:4C:B2:8A:95:EE:87:45:E3:DD:A2:64:75:
• 63:79:BF:0E:4E:4B:79
• X509v3 Subject Alternative Name:
• DNS:phantom-login.com, DNS:www.phantom-login.com
• Signature Algorithm: ecdsa-with-SHA384
• Signature Value:
• 30:65:02:31:00:bb:6b:87:80:2e:69:90:46:cb:2d:21:0b:0a:
• 48:9b:56:74:d2:49:8a:d0:f5:8e:37:e3:0d:76:58:ca:03:eb:
• 4e:d8:46:a7:14:cb:3f:fe:b6:37:6a:5d:32:d0:6a:84:c0:02:
• 30:50:9f:16:10:45:fb:79:f2:7c:93:ab:3c:e7:17:0c:15:27:
• cc:cb:57:59:2b:87:f9:ac:db:bf:0c:5c:8c:f8:ed:eb:12:0f:
• ee:d1:eb:e7:99:cf:99:11:4b:86:8b:54:45

Additional Links

*** Virustotal ***

*** WayBackMachine ***