withered-pond-0c24.google-paly-br.workers.dev

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3037::6815:5a35, located in United States and belongs to CLOUDFLARENET, US. The main domain is withered-pond-0c24.google-paly-br.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on November 17th 2022. Valid for: 3 months.

This is the only time withered-pond-0c24.google-paly-br.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:5a35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.110 99.86.4.110	16509 (AMAZON-02) (AMAZON-02)
2	2

1 2606:4700:3037::6815:5a35 (United States)

ASN13335 (CLOUDFLARENET, US)

withered-pond-0c24.google-paly-br.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-110.fra6.r.cloudfront.net

recarga.vivo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	vivo.com.br recarga.vivo.com.br	23 KB
1	workers.dev withered-pond-0c24.google-paly-br.workers.dev	2 KB
2	2

	Domain	Requested by
1	recarga.vivo.com.br	withered-pond-0c24.google-paly-br.workers.dev
1	withered-pond-0c24.google-paly-br.workers.dev
2	2

This site contains no links.

Subject Issuer	Validity	Valid
*.google-paly-br.workers.dev GTS CA 1P5	`2022-11-17` - `2023-02-15`	3 months	crt.sh
recarga.vivo.com.br GlobalSign GCC R3 DV TLS CA 2020	`2022-07-05` - `2023-08-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://withered-pond-0c24.google-paly-br.workers.dev/
Frame ID: 1EE4891D518C01F54D1644DD1327E012
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Document

Page Statistics

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

25 kB
Transfer

23 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
withered-pond-0c24.google-paly-br.workers.dev/ 4 KB
2 KB 147ms
46ms Document
text/html 2606:4700:3037::6815:5a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://withered-pond-0c24.google-paly-br.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75083cfc9e1e97ff1325632340f444ba03482fa79b78449709d365dfd2aab05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 76be3456de4c9101-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 18 Nov 2022 05:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLcrJ7myT8lsOVHUVJXnjgALkToanWGsSkg0FCRL3zL3f%2FX0CZmpLscleRSfDKutY2hooou9QUBmSkR4Xfo%2F0a9YSDTyR6V1xmhXmojUpdgOB9tRV6q2IKc2%2FBy%2FAcSjrvj2ivg2us1pmGzSH4HchobcC%2BdBJCjOetfhvTKqDvbRJ1ZsIT1KNN4OBSI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 home_mobile.11c1ee88.webp
recarga.vivo.com.br/static/media/ 19 KB
23 KB 640ms
43ms Image
binary/octet-stream 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recarga.vivo.com.br/static/media/home_mobile.11c1ee88.webp

Requested by

Host: withered-pond-0c24.google-paly-br.workers.dev
URL: https://withered-pond-0c24.google-paly-br.workers.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-110.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fd446fa3ad475e7f845be466aab89f7cda6dfdcc57a808d7ce005f1325d33e7f

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .m4u.com.br .googleadservices.com .doubleclick.net https://cm.everesttech.net https://pay.google.com https://maxcdn.bootstrapcdn.com/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com https://ajax.googleapis.com https://maps.googleapis.com https://fonts.googleapis.com/ https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com .hotjar.com:* .hotjar.com: .hotjar.io .hotjar.io .hotjar.com .google-analytics.com .newrelic.com .nr-data.net .criteo.com .adobedtm.com .omtrdc.net .demdex.net https://recarga-api.vivo.com.br https://www.googletagmanager.com https://www.googleoptimize.com https://optimize.google.com https://tagmanager.google.com .clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co .igodigital.com https://portalrecarga.vivo.com.br https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; img-src 'self' data: http://vivo.zerod.mobi .sc.omtrdc.net .criteo.com https://dpm.demdex.net .google-analytics.com https://www.facebook.com/ .doubleclick.net https://pay.google.com https://cm.everesttech.net https://www.google.com https://www.google.com.br https://sync.outbrain.com https://secure.adnxs.com https://www.googletagmanager.com http://vivo.icarrier.com.br .clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co .igodigital.com https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; font-src 'self' data: .m4u.com.br; frame-ancestors 'self' .m4u.com.br *.vivo.com.br;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	worker-src blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: .m4u.com.br .googleadservices.com .doubleclick.net https://cm.everesttech.net https://pay.google.com https://maxcdn.bootstrapcdn.com/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com https://ajax.googleapis.com https://maps.googleapis.com https://fonts.googleapis.com/ https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com .hotjar.com:* .hotjar.com: .hotjar.io .hotjar.io .hotjar.com .google-analytics.com .newrelic.com .nr-data.net .criteo.com .adobedtm.com .omtrdc.net .demdex.net https://recarga-api.vivo.com.br https://www.googletagmanager.com https://www.googleoptimize.com https://optimize.google.com https://tagmanager.google.com .clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co .igodigital.com https://portalrecarga.vivo.com.br https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; img-src 'self' data: http://vivo.zerod.mobi .sc.omtrdc.net .criteo.com https://dpm.demdex.net .google-analytics.com https://www.facebook.com/ .doubleclick.net https://pay.google.com https://cm.everesttech.net https://www.google.com https://www.google.com.br https://sync.outbrain.com https://secure.adnxs.com https://www.googletagmanager.com http://vivo.icarrier.com.br .clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co .igodigital.com https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; font-src 'self' data: .m4u.com.br; frame-ancestors 'self' .m4u.com.br *.vivo.com.br;
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://withered-pond-0c24.google-paly-br.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 12:57:01 GMT
content-security-policy: worker-src blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.m4u.com.br *.googleadservices.com *.doubleclick.net https://cm.everesttech.net https://pay.google.com https://maxcdn.bootstrapcdn.com/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com https://ajax.googleapis.com https://maps.googleapis.com https://fonts.googleapis.com/ https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com *.hotjar.com:* *.hotjar.com:* *.hotjar.io *.hotjar.io *.hotjar.com *.google-analytics.com *.newrelic.com *.nr-data.net *.criteo.com *.adobedtm.com *.omtrdc.net *.demdex.net https://recarga-api.vivo.com.br https://www.googletagmanager.com https://www.googleoptimize.com https://optimize.google.com https://tagmanager.google.com *.clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co *.igodigital.com https://portalrecarga.vivo.com.br https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; img-src 'self' data: http://vivo.zerod.mobi *.sc.omtrdc.net *.criteo.com https://dpm.demdex.net *.google-analytics.com https://www.facebook.com/ *.doubleclick.net https://pay.google.com https://cm.everesttech.net https://www.google.com https://www.google.com.br https://sync.outbrain.com https://secure.adnxs.com https://www.googletagmanager.com http://vivo.icarrier.com.br *.clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co *.igodigital.com https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; font-src 'self' data: *.m4u.com.br; frame-ancestors 'self' *.m4u.com.br *.vivo.com.br;
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 836056
x-cache: Hit from cloudfront
content-length: 19442
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Nov 2022 12:25:52 GMT
server: AmazonS3
etag: "11c1ee88c0e604feac0fb07244dd19df"
x-frame-options: ALLOWALL
content-type: binary/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
x-webkit-csp: worker-src blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.m4u.com.br *.googleadservices.com *.doubleclick.net https://cm.everesttech.net https://pay.google.com https://maxcdn.bootstrapcdn.com/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com https://ajax.googleapis.com https://maps.googleapis.com https://fonts.googleapis.com/ https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com *.hotjar.com:* *.hotjar.com:* *.hotjar.io *.hotjar.io *.hotjar.com *.google-analytics.com *.newrelic.com *.nr-data.net *.criteo.com *.adobedtm.com *.omtrdc.net *.demdex.net https://recarga-api.vivo.com.br https://www.googletagmanager.com https://www.googleoptimize.com https://optimize.google.com https://tagmanager.google.com *.clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co *.igodigital.com https://portalrecarga.vivo.com.br https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; img-src 'self' data: http://vivo.zerod.mobi *.sc.omtrdc.net *.criteo.com https://dpm.demdex.net *.google-analytics.com https://www.facebook.com/ *.doubleclick.net https://pay.google.com https://cm.everesttech.net https://www.google.com https://www.google.com.br https://sync.outbrain.com https://secure.adnxs.com https://www.googletagmanager.com http://vivo.icarrier.com.br *.clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co *.igodigital.com https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; font-src 'self' data: *.m4u.com.br; frame-ancestors 'self' *.m4u.com.br *.vivo.com.br;
x-amz-cf-id: E6xjEri53jO2XPlal4WR5HF1cIwfZKgEpQEFtTQAU08QPSRn9SmTng==
x-content-security-policy: worker-src blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.m4u.com.br *.googleadservices.com *.doubleclick.net https://cm.everesttech.net https://pay.google.com https://maxcdn.bootstrapcdn.com/ https://oss.maxcdn.com/ https://cdnjs.cloudflare.com https://ajax.googleapis.com https://maps.googleapis.com https://fonts.googleapis.com/ https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com *.hotjar.com:* *.hotjar.com:* *.hotjar.io *.hotjar.io *.hotjar.com *.google-analytics.com *.newrelic.com *.nr-data.net *.criteo.com *.adobedtm.com *.omtrdc.net *.demdex.net https://recarga-api.vivo.com.br https://www.googletagmanager.com https://www.googleoptimize.com https://optimize.google.com https://tagmanager.google.com *.clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co *.igodigital.com https://portalrecarga.vivo.com.br https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; img-src 'self' data: http://vivo.zerod.mobi *.sc.omtrdc.net *.criteo.com https://dpm.demdex.net *.google-analytics.com https://www.facebook.com/ *.doubleclick.net https://pay.google.com https://cm.everesttech.net https://www.google.com https://www.google.com.br https://sync.outbrain.com https://secure.adnxs.com https://www.googletagmanager.com http://vivo.icarrier.com.br *.clicktale.net https://static.ads-twitter.com https://analytics.twitter.com https://t.co *.igodigital.com https://portalrecarga.vivo.com.br/portal-event/event/view/offer/; font-src 'self' data: *.m4u.com.br; frame-ancestors 'self' *.m4u.com.br *.vivo.com.br;

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

recarga.vivo.com.br
withered-pond-0c24.google-paly-br.workers.dev
2606:4700:3037::6815:5a35
99.86.4.110
c75083cfc9e1e97ff1325632340f444ba03482fa79b78449709d365dfd2aab05
fd446fa3ad475e7f845be466aab89f7cda6dfdcc57a808d7ce005f1325d33e7f

withered-pond-0c24.google-paly-br.workers.dev Open in urlscan Pro 2606:4700:3037::6815:5a35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

25 kBTransfer

23 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

withered-pond-0c24.google-paly-br.workers.dev Open in urlscan Pro
2606:4700:3037::6815:5a35 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

25 kB
Transfer

23 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions