Starfield Secure Certificate Authority - G2

Starfield Secure Certificate Authority - G2 is a publicly trusted intermediate certificate authority operated by Starfield Technologies, LLC and chained to Starfield Root Certificate Authority - G2. It is recognized by all mainstream browsers and operating system trust stores, so the certificate itself is not a phishing indicator - the same intermediate signs millions of legitimate sites. phishunt only flags the specific domains listed below as suspicious; Starfield Secure Certificate Authority - G2 as a CA is fine.

Starfield Technologies, LLC issues RSA domain-validated certificates automatically and at no cost (or very low cost), which is the exact workflow scammers need to put HTTPS on a throwaway domain. Domain validation only proves that the requester controls the domain name, not that the site behind it is trustworthy. phishunt lists the specific domains currently flagged below — those are the suspicious ones, not Starfield Secure Certificate Authority - G2 itself.

In a desktop browser, click the padlock in the address bar and open the certificate viewer. Confirm the issuer chain ends at Starfield Root Certificate Authority - G2, that the subject matches the domain you expect, and that the notAfter date has not passed. A valid Starfield Secure Certificate Authority - G2 certificate only proves TLS was negotiated correctly — always verify the domain name itself belongs to the service you intended to visit.

Starfield Secure Certificate Authority - G2 and its siblings (Go Daddy Secure Certificate Authority - G2) share the same operator (Starfield Technologies, LLC) and roll up to the same root (Starfield Root Certificate Authority - G2). CAs rotate multiple intermediates so that if one key ever has to be revoked, the damage is contained. As a user, you can treat all of them as the same trust anchor.