Trying to find the certificate owner

Hello,

This is kind of offtopic but I hope you can help me out.

I’ve got scammed through a website and lost a lot of money.

The only info I got is a SSL certificate, issued by Let’s Encrypt. I’m trying to find out who the owner is of the website, so I can contact the police.

Anything I can do here?

Kind regards,

Perry

1 Like

Hi @Perry-vz,

As you’ve probably seen, Let’s Encrypt certificates don’t contain any contact information for the subscriber whom the certificate identifies. Generally, all of the public information that’s available about the subscriber is already contained within the certificate.

ISRG, the organization that operates Let’s Encrypt, may have some kind of information about the person or entity that requested the certificate, such as IP addresses and e-mail addresses involved in that request. But ISRG can only disclose this information in response to a proper legal request such as a subpoena, not in response to a personal request.

You may also want to look at the domain name that was used and see if contact information is available through whois. Whether or not it is publicly available this way, the domain registrar may have information about who requested and paid for the domain name (which also may require legal process such as a subpoena in order to release, according to the registrar’s privacy policy).

Similarly, the hosting provider that hosts or hosted the site may have information about who its subscriber was. (Even if the DNS records have changed in between, there are DNS archive services that can confirm who the web hosting provider was at the time that you accessed the scam site.) Once again, the hosting provider may not be able to release this information directly to you, following its own privacy policy.

If you think of all of these Internet infrastructure entities as analogous to something like the motor vehicle registration agency or the post office, you can see that they may have some kinds of personal information about suspects available, but they normally can’t disclose it directly to the victim of a crime without involving the courts or police first—and having an appropriate law enforcement entity make an appropriate formal request.

1 Like

Plus, it's possible that the subscriber specified a fake email address, or no email address at all, and that their IP address(es) may not be very traceable either.

2 Likes

Right, there’s no guarantee that any information ISRG has about the subscriber can actually be used to locate or identify him or her.

1 Like

I’ve contacted the domain host through their abuse system.
Also found a IP address, but of course it’s from a VPS, I did contact the host and if there is any information available I will proceed with legal actions.

Thanks for the information.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.