covid.icu Threat Intelligence and Information

Host Location

Dig Results

• Got answer:
• -»HEADER«- opcode: QUERY, status: NOERROR, id: 15963
• flags: qr rd ra QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
• OPT PSEUDOSECTION:
• EDNS: version: 0, flags: udp: 1432
• QUESTION SECTION:
• covid.icu. IN A
• ANSWER SECTION:
• covid.icu. 10797 IN A 199.59.243.228
• Query time: 0 msec
• SERVER: 192.168.1.153(192.168.1.1) (UDP)
• WHEN: Thu Aug 28 00:07:54 UTC 2025
• MSG SIZE rcvd: 54

Whois Data

• Domain Name: COVID.ICU
• Registry Domain ID: D309558838-CNIC
• Registrar URL: https://porkbun.com/
• Updated Date: 2025-05-07T04:35:40.0Z
• Creation Date: 2022-07-17T13:04:41.0Z
• Registry Expiry Date: 2029-07-17T23:59:59.0Z
• Registrar: Porkbun, LLC
• Registrar IANA ID: 1861
• Name Server: NS1.BODIS.COM
• Name Server: NS2.BODIS.COM
• DNSSEC: unsigned
• Registrar Abuse Contact Email: abuse@porkbun.com
• Registrar Abuse Contact Phone: +1.8557675286
• https://www.centralnicregistry.com/support/information/rdap «<
• blacklisted. All data is (c) CentralNic Ltd (https://www.centralnicregistry.com)

SSL Certificate Information

• Certificate:
• Data:
• Version: 3 (0x2)
• Serial Number:
• 06:14:00:3b:c5:a8:13:00:b9:7d:5f:5a:8b:29:7e:9a:ec:36
• Signature Algorithm: ecdsa-with-SHA384
• Issuer: C = US, O = Let’s Encrypt, CN = E6
• Validity
• Not Before: Aug 6 15:05:41 2025 GMT
• Not After : Nov 4 15:05:40 2025 GMT
• Subject: CN = covid.icu
• Subject Public Key Info:
• Public Key Algorithm: id-ecPublicKey
• Public-Key: (256 bit)
• pub:
• 04:df:fb:81:d4:f3:09:72:41:8e:58:60:e3:b2:0c:
• b9:d0:1c:f7:9e:3e:40:d4:9e:08:c0:e5:08:14:c8:
• 66:0d:f4:7d:b2:c4:3c:60:02:68:b3:08:17:5a:78:
• 74:c7:28:7c:c7:65:be:c2:81:ad:b1:6e:44:60:9b:
• f4:f0:09:e9:cb
• ASN1 OID: prime256v1
• NIST CURVE: P-256
• X509v3 extensions:
• X509v3 Key Usage: critical
• Digital Signature
• X509v3 Extended Key Usage:
• TLS Web Server Authentication, TLS Web Client Authentication
• X509v3 Basic Constraints: critical
• CA:FALSE
• X509v3 Subject Key Identifier:
• 9C:ED:7B:0E:91:C4:9A:BC:CA:B4:04:0E:7B:EF:24:9D:DF:F9:91:C5
• X509v3 Authority Key Identifier:
• 93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
• Authority Information Access:
• CA Issuers - URI:http://e6.i.lencr.org/
• X509v3 Subject Alternative Name:
• DNS:*.covid.icu, DNS:covid.icu
• X509v3 Certificate Policies:
• Policy: 2.23.140.1.2.1
• X509v3 CRL Distribution Points:
• Full Name:
• URI:http://e6.c.lencr.org/55.crl
• CT Precertificate SCTs:
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
• 67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
• Timestamp : Aug 6 16:04:11.728 2025 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:46:02:21:00:C3:FC:00:19:8D:93:76:C4:51:ED:83:
• 92:DD:B5:6C:2F:8A:0D:BC:57:0D:C7:A5:BB:68:AE:60:
• 3B:59:C8:FC:48:02:21:00:C2:88:D4:EB:92:6D:13:48:
• E5:73:10:BC:E0:24:90:92:17:2B:A1:D6:D9:AD:0F:42:
• 18:B9:48:57:61:EF:CB:26
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
• 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
• Timestamp : Aug 6 16:04:11.743 2025 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:45:02:21:00:E0:98:DE:DE:77:88:F9:71:1E:C5:20:
• 96:12:9F:56:AD:8C:4A:45:1A:14:E0:39:14:50:18:DC:
• 14:5A:6E:F2:EF:02:20:65:E1:EF:5D:16:64:2F:C6:32:
• 31:13:23:D4:72:B9:17:38:7F:A5:9F:84:E0:E1:20:91:
• 94:97:69:3D:C9:B3:32
• Signature Algorithm: ecdsa-with-SHA384
• Signature Value:
• 30:66:02:31:00:fd:98:d5:1f:e7:c8:ee:84:d4:c3:4a:10:6e:
• 9b:3f:6a:c3:43:54:3e:1e:f7:85:b5:5c:3b:d1:d5:3b:c7:ec:
• 9c:22:37:bb:c2:b4:90:68:b7:fb:e2:bd:5e:1d:54:5f:72:02:
• 31:00:94:63:17:09:0d:c3:7e:b9:87:2d:c9:33:df:f5:ed:a0:
• f6:75:5d:ba:5d:48:6a:44:88:59:4d:13:f2:56:17:86:6b:79:
• 88:cf:5c:f3:2d:fe:e0:61:e6:2c:77:25:d9:a9

Additional Links

*** Virustotal ***

*** WayBackMachine ***