whocovid19funds.com Open in urlscan Pro
2606:4700:3036::681c:5c6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://whocovid19funds.com/
Submission: On May 22 via automatic, source certstream-suspicious (May 22nd 2020, 1:30:40 pm UTC)

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3036::681c:5c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is whocovid19funds.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2020. Valid for: a year.

This is the only time whocovid19funds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:303... 2606:4700:3036::681c:5c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.216.228.15 95.216.228.15	24940 (HETZNER-AS) (HETZNER-AS)
1	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
62	9

37 2606:4700:3036::681c:5c6 (United States)

ASN13335 (CLOUDFLARENET, US)

whocovid19funds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kit-free.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb91.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.228.15 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.57.120 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

widget.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	whocovid19funds.com whocovid19funds.com	1013 KB
8	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsb91.tawk.to	122 KB
7	fontawesome.com kit.fontawesome.com kit-free.fontawesome.com	187 KB
5	googleapis.com fonts.googleapis.com	4 KB
3	jsdelivr.net cdn.jsdelivr.net	37 KB
2	getbutton.io static.getbutton.io widget.getbutton.io	7 KB
62	6

	Domain	Requested by
37	whocovid19funds.com	whocovid19funds.com
6	kit-free.fontawesome.com	kit.fontawesome.com whocovid19funds.com
5	fonts.googleapis.com	embed.tawk.to
3	vsb91.tawk.to	embed.tawk.to
3	cdn.jsdelivr.net	embed.tawk.to whocovid19funds.com
2	va.tawk.to	embed.tawk.to
2	static-v.tawk.to	whocovid19funds.com embed.tawk.to
1	widget.getbutton.io	static.getbutton.io
1	static.getbutton.io	whocovid19funds.com
1	embed.tawk.to	whocovid19funds.com
1	kit.fontawesome.com	whocovid19funds.com
62	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.google.com
www.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-22` - `2021-05-22`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.getbutton.io Sectigo RSA Domain Validation Secure Server CA	`2019-09-26` - `2021-09-23`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://whocovid19funds.com/
Frame ID: 88274E7A6BE6E8EB9149B4FDD8ADA6DB
Requests: 54 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 376C7C27A088C797DE3AF8E9B8C4F738
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 1AFA824CF9116D2793A4E8C9FC57FC44
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 408B361D02BDD7B29E7ED3212517EB7D
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 7912330288D2577F6842D694716E62A5
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 941A45484E7F38F7CB264FEFD2D1E1B8
Requests: 4 HTTP requests in this frame

Frame: https://widget.getbutton.io/widget/wSendButton?whatsapp=%2B447424261373&call_to_action=Message%20us&position=left&ga=false&branding=true&mobile=true&desktop=true&shift_vertical=0&shift_horizontal=0&domain=null&key=null&button_color=%23ff6550&parentWrapperId=wh-widget-send-button&clientHostname=whocovid19funds.com&showHelloPopup=1&isMobile=0
Frame ID: 0DC0B4CF216265B4DFF61BFD20EA4834
Requests: 1 HTTP requests in this frame