heatcovid.com Threat Intelligence and Information

Host Location

Dig Results

• Got answer:
• -»HEADER«- opcode: QUERY, status: NOERROR, id: 36490
• flags: qr rd ra QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
• OPT PSEUDOSECTION:
• EDNS: version: 0, flags: udp: 512
• QUESTION SECTION:
• heatcovid.com. IN A
• ANSWER SECTION:
• heatcovid.com. 300 IN A 45.88.202.115
• Query time: 724 msec
• SERVER: 192.168.1.153(192.168.1.1)
• WHEN: Tue May 10 01:28:39 UTC 2022
• MSG SIZE rcvd: 58

DNS Records

• SOA ns3.epik.com 52.55.168.70
• NS ns4.epik.com 91.149.194.188
• NS ns3.epik.com 52.55.168.70
• A heatcovid.com 45.88.202.115

Whois Data

• Domain Name: HEATCOVID.COM
• Registry Domain ID: 2636262224_DOMAIN_COM-VRSN
• Registrar URL: http://porkbun.com
• Updated Date: 2022-04-18T23:11:34Z
• Creation Date: 2021-08-25T00:33:01Z
• Registry Expiry Date: 2022-08-25T00:33:01Z
• Registrar: Porkbun LLC
• Registrar IANA ID: 1861
• Registrar Abuse Contact Email: abuse@porkbun.com
• Registrar Abuse Contact Phone: 5038508351
• Name Server: NS3.EPIK.COM
• Name Server: NS4.EPIK.COM
• DNSSEC: unsigned
• Domain Name: HEATCOVID.COM
• Registry Domain ID: 2636262224_DOMAIN_COM-VRSN
• Registrar URL: http://www.porkbun.com
• Updated Date: 2021-08-25 00:33:02
• Created Date: 2021-08-25 00:33:01
• Registrar Registration Expiration Date: 2022-08-25 00:33:01
• Registrar: Porkbun LLC
• Registrar IANA ID: 1861
• Registrar Abuse Contact Email: abuse@porkbun.com
• Registrar Abuse Contact Phone: +1.5038508351
• Registry Registrant ID:
• Registrant Name: Whois Privacy
• Registrant Organization: Private by Design, LLC
• Registrant City: Sanford
• Registrant State/Province: NC
• Registrant Postal Code: 27330
• Registrant Country: US
• Registrant Phone: +1.9712666028
• Registrant Phone Ext:
• Registrant Fax:
• Registrant Fax Ext:
• Registry Admin ID:
• Admin Name: Whois Privacy
• Admin Organization: Private by Design, LLC
• Admin City: Sanford
• Admin State/Province: NC
• Admin Postal Code: 27330
• Admin Country: US
• Admin Phone: +1.9712666028
• Admin Phone Ext:
• Admin Fax:
• Admin Fax Ext:
• Registry Tech ID:
• Tech Name: Whois Privacy
• Tech Organization: Private by Design, LLC
• Tech City: Sanford
• Tech State/Province: NC
• Tech Postal Code: 27330
• Tech Country: US
• Tech Phone: +1.9712666028
• Tech Phone Ext:
• Tech Fax:
• Tech Fax Ext:
• Name Server: ns3.epik.com
• Name Server: ns4.epik.com

SSL Certificate Information

• Certificate:
• Data:
• Version: 3 (0x2)
• Serial Number:
• 04:f8:2f:d2:a0:19:d4:6b:e7:0d:44:bd:f5:5f:ed:d6:e9:5b
• Signature Algorithm: sha256WithRSAEncryption
• Issuer: C = US, O = Let’s Encrypt, CN = R3
• Validity
• Not Before: Apr 28 07:27:58 2022 GMT
• Not After : Jul 27 07:27:57 2022 GMT
• Subject: CN = heatcovid.com
• Subject Public Key Info:
• Public Key Algorithm: id-ecPublicKey
• Public-Key: (384 bit)
• pub:
• 04:ef:1b:95:9d:cc:58:79:12:32:41:47:f1:fd:75:
• d5:81:08:3e:d0:a7:3b:a2:1f:12:cb:c3:83:2c:df:
• da:61:7f:48:b9:e6:59:41:10:d9:7a:c6:00:57:9c:
• fe:45:61:d4:69:9a:f6:1e:5e:6a:44:c7:2d:c2:b9:
• 94:f6:68:4d:96:46:df:b2:5b:7a:d3:61:94:86:04:
• 05:f6:53:d1:42:2d:5e:c7:43:98:0b:b8:71:f4:8c:
• 5d:79:2d:8f:bb:ad:f4
• ASN1 OID: secp384r1
• NIST CURVE: P-384
• X509v3 extensions:
• X509v3 Key Usage: critical
• Digital Signature
• X509v3 Extended Key Usage:
• TLS Web Server Authentication, TLS Web Client Authentication
• X509v3 Basic Constraints: critical
• CA:FALSE
• X509v3 Subject Key Identifier:
• 7A:4A:96:C2:F9:CC:DC:BF:21:C9:0F:EE:2C:77:0E:F0:1F:CE:84:D9
• X509v3 Authority Key Identifier:
• keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
• Authority Information Access:
• OCSP - URI:http://r3.o.lencr.org
• CA Issuers - URI:http://r3.i.lencr.org/
• X509v3 Subject Alternative Name:
• DNS:heatcovid.com
• X509v3 Certificate Policies:
• Policy: 2.23.140.1.2.1
• Policy: 1.3.6.1.4.1.44947.1.1.1
• CPS: http://cps.letsencrypt.org
• CT Precertificate SCTs:
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
• 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
• Timestamp : Apr 28 08:27:58.742 2022 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:44:02:20:64:BB:8E:8D:D6:3E:B6:0C:61:E6:27:A5:
• A2:60:2C:A0:12:FE:2A:2F:74:2F:B6:90:1A:04:28:00:
• C5:66:48:F1:02:20:55:25:BD:CF:F9:4E:E8:07:AA:5E:
• 55:B7:88:5D:98:E2:F2:15:F7:40:69:18:D8:B2:7C:91:
• 03:82:C8:92:2C:2A
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
• BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
• Timestamp : Apr 28 08:27:58.763 2022 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:44:02:20:42:F0:F2:6C:91:71:81:9F:96:D0:E9:FE:
• DD:14:42:FB:55:11:B1:E4:ED:11:F7:CC:63:62:23:C3:
• 13:23:4A:70:02:20:7D:FC:BD:52:FA:B6:DC:9E:79:B8:
• A8:8E:57:6A:56:73:47:FD:F6:A7:D8:3A:07:49:77:C7:
• FD:CF:0A:27:E1:D9
• Signature Algorithm: sha256WithRSAEncryption
• a2:3d:68:b3:2d:fd:e6:d2:1f:1a:72:38:8a:80:aa:aa:ac:4a:
• a5:af:35:af:a4:21:1c:3f:68:b2:26:bb:d6:e9:01:e0:ba:2a:
• ea:c1:1a:d5:6e:03:b9:8e:f5:e1:c2:27:79:bf:76:ff:2c:5c:
• e4:dd:e8:6b:19:33:e0:4a:f1:75:3f:c9:89:6b:08:1a:56:a0:
• e4:02:42:c8:45:06:28:83:9e:1e:3b:8e:4c:ae:7b:61:9b:73:
• cb:0f:d4:72:4a:3c:55:85:09:da:c3:ea:25:c1:0c:15:e3:ce:
• b2:5c:6c:cc:f8:0e:bc:a2:e5:ac:dd:e4:28:82:e4:8b:a4:70:
• 14:17:9c:a6:78:df:91:fd:9a:c3:20:e7:b0:ab:27:51:55:62:
• 3f:54:25:48:9f:0a:37:45:01:be:4e:5b:8e:e0:26:9a:df:61:
• d9:4f:00:38:84:2a:16:2c:3d:e7:b8:98:d9:8f:78:46:56:49:
• 9f:f8:3e:06:89:60:9a:03:7a:a0:06:3f:e3:b0:f6:55:02:a2:
• 73:b5:c8:f5:4d:c1:c6:e2:9c:63:7b:10:c8:93:5c:b7:17:d1:
• b7:a7:cd:35:c3:75:7a:74:e3:7c:0c:0d:75:f6:51:56:cc:cf:
• c7:ec:72:88:60:16:bb:f4:d3:45:dd:e0:f2:5c:dc:06:34:ec:
• 56:d2:55:06

Sitemap

Technologies

nginx nginx

Additional Links

*** Virustotal ***

*** WayBackMachine ***