URL: https://google.grohe-cashback.de/
Submission Tags: @phishunt_io
Submission: On April 01 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 35.186.196.221, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is google.grohe-cashback.de.
TLS certificate: Issued by GTS CA 1D4 on April 1st 2022. Valid for: 3 months.
This is the only time google.grohe-cashback.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address        AS (Autonomous System)    Requests
35.186.196.221    15169 (GOOGLE)            5
80.237.178.62     61157 (PLUSSERVE...)      1
Total: 3 IPs, 9 requests

Domain                      Requested by                Requests
google.grohe-cashback.de    google.grohe-cashback.de    5
www.markenmehrwert.com      google.grohe-cashback.de    1
Total: 2 domains, 9 requests

This site contains links to these domains.

Domain
www.markenmehrwert.com
Subject                 Issuer                                        Validity                   Valid for
www.city-betriebe.de    GTS CA 1D4                                    2022-04-01 - 2022-06-30    3 months (crt.sh)
*.markenmehrwert.com    RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1    2021-04-30 - 2022-05-29    a year (crt.sh)

This page contains 1 frame:

Primary Page: https://google.grohe-cashback.de/
Frame ID: ACB0C4D283632A650BE3CAD5C636AF92
Requests: 8 HTTP requests in this frame

Page Title

Grohe Cashback

Page Statistics

Requests: 9
HTTPS: 67 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 1819 kB
Size: 1817 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource              Path                         Size    x-fer    Type        MIME-Type
Primary Request: /    google.grohe-cashback.de/    2 KB    3 KB     Document
General
Full URL
https://google.grohe-cashback.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.196.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.196.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cedd624750d78ff69a388775c6fef875814f0da964c1a2926a8d2f1149d67d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
7599
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2139
content-type
text/html
date
Fri, 01 Apr 2022 17:25:22 GMT
etag
"ff8245ba7557cdf8ca65c6dc25e36d8d"
last-modified
Mon, 14 Mar 2022 17:40:12 GMT
server
UploadServer
x-goog-generation
1647279612517813
x-goog-hash
crc32c=nXnZdQ== md5=/4JFunVXzfjKZcbcJeNtjQ==
x-goog-meta-goog-reserved-file-mtime
1647279607
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2139
x-guploader-uploadid
ADPycdt-4PhBGXpMm3Zw1o9zvc8MnjsvZBn44ZZvx5h1MdVSMTwnS9AgHn7CY1AF1mVz_ca0WDUNGsOJdenCZrB82YI
2.ab4da0d5.chunk.css    google.grohe-cashback.de/static/css/    4 KB    4 KB    Stylesheet
General
Full URL
https://google.grohe-cashback.de/static/css/2.ab4da0d5.chunk.css
Requested by
Host: google.grohe-cashback.de
URL: https://google.grohe-cashback.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.196.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.196.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d0adec0802f95dcedbdee059013ea87930d54649992714568727e1117523103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.grohe-cashback.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 19:32:01 GMT
x-goog-meta-goog-reserved-file-mtime
1647279607
x-guploader-uploadid
ADPycdvIOoypJ7C9KjINyoh8xDmtFDwEOzVofMfiIeVB3NncGf5tGEvv84Gne8So9WYHhKQ_eLGI7v231ukTICTzJ6w0XkT02Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3886
last-modified
Mon, 14 Mar 2022 17:40:12 GMT
server
UploadServer
etag
"a80ecc61d1df8fa379dcbf461a3dabf1"
x-goog-hash
crc32c=vgZEZA==, md5=qA7MYdHfj6N53L9GGj2r8Q==
x-goog-generation
1647279612604111
cache-control
public,max-age=3600
x-goog-stored-content-length
3886
accept-ranges
bytes
content-type
text/css
2.d7907d91.chunk.js    google.grohe-cashback.de/static/js/    1 MB    1 MB    Script
General
Full URL
https://google.grohe-cashback.de/static/js/2.d7907d91.chunk.js
Requested by
Host: google.grohe-cashback.de
URL: https://google.grohe-cashback.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.196.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.196.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8986c78c6cd0ed9c16b9916929301cd3cf47b4b7a5ebe779bef122168b9940ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.grohe-cashback.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 19:32:01 GMT
x-goog-meta-goog-reserved-file-mtime
1647279607
x-guploader-uploadid
ADPycdu-m9upp-9uNEIqa_uukvAxXf8V-p0bX66tmeJMa8f-5vxPphlYtrKve-MeYLnZ-GQwE40xQ6CPRKXkQMw8OOqBb215EQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1564032
last-modified
Mon, 14 Mar 2022 17:40:12 GMT
server
UploadServer
etag
"bfcb66fa7703bfe9deed9a9e5cdb2e33"
x-goog-hash
crc32c=+L73CQ==, md5=v8tm+ncDv+ne7ZqeXNsuMw==
x-goog-generation
1647279612826018
cache-control
public,max-age=3600
x-goog-stored-content-length
1564032
accept-ranges
bytes
content-type
application/javascript
main.52a2bd8d.chunk.js    google.grohe-cashback.de/static/js/    270 KB    270 KB    Script
General
Full URL
https://google.grohe-cashback.de/static/js/main.52a2bd8d.chunk.js
Requested by
Host: google.grohe-cashback.de
URL: https://google.grohe-cashback.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.196.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.196.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5f034610937cc5d1479ce10105c58e0c6bfd782021be21adf8dd871dc4e60838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.grohe-cashback.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 19:32:01 GMT
x-goog-meta-goog-reserved-file-mtime
1647279607
x-guploader-uploadid
ADPycdupzA1HBtDOS6cH-9QNy6QVqtSWOaP7LVFVNXvgfaEC12EYm1lzjfTqXEhZ1Qz28qK64I8Dud7VH_F1q9P21GERLSEx4w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
276096
last-modified
Mon, 14 Mar 2022 17:40:13 GMT
server
UploadServer
etag
"7c487aa59e241eac21fa1bc8cab42485"
x-goog-hash
crc32c=E57jLg==, md5=fEh6pZ4kHqwh+hvIyrQkhQ==
x-goog-generation
1647279613322520
cache-control
public,max-age=3600
x-goog-stored-content-length
276096
accept-ranges
bytes
content-type
application/javascript
logo.61fd6d37.png    google.grohe-cashback.de/static/media/    14 KB    14 KB    Image
General
Full URL
https://google.grohe-cashback.de/static/media/logo.61fd6d37.png
Requested by
Host: google.grohe-cashback.de
URL: https://google.grohe-cashback.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.196.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.196.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4fe5ba87508643f7543cc462655bf27586568c25f9a00a558e92b7a1dbed70ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.grohe-cashback.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 14:57:33 GMT
x-goog-meta-goog-reserved-file-mtime
1647279607
age
16468
x-guploader-uploadid
ADPycdsfTqogd9JhUhLrtzFLfbKE31__-hCCX9U33YuRG5ORgs8DoGKq8yeae87sImD4RWevRMlMHrkMlW5LI0hQ4Te7J7OqhQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14006
last-modified
Mon, 14 Mar 2022 17:40:12 GMT
server
UploadServer
etag
"0699a23ea623731fc7f9d5486ccfa296"
x-goog-hash
crc32c=fGLr/g==, md5=BpmiPqYjcx/H+dVIbM+ilg==
x-goog-generation
1647279612894768
cache-control
public,max-age=3600
x-goog-stored-content-length
14006
accept-ranges
bytes
content-type
image/png
overview          www.markenmehrwert.com/campaign/configurations/      0    0
RetailClientV4    www.markenmehrwert.com/api-v2/v1/resource/bundle/    0    0
TraderClient      www.markenmehrwert.com/api-v2/v1/resource/bundle/    0    0
overview          www.markenmehrwert.com/campaign/configurations/      0    0    Preflight
General
Full URL
https://www.markenmehrwert.com/campaign/configurations/overview
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.237.178.62 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
www.markenmehrwert.com
Software
nginx /
Resource Hash
Security Headers
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://google.grohe-cashback.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth-Access-Token
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
https://www.markenmehrwert.com
Connection
keep-alive
Content-Length
8
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Apr 2022 19:32:01 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
allow
GET,HEAD
etag
W/"8-8ww6QOmj5lyGjHVKXelZGQ"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.markenmehrwert.com
URL
https://www.markenmehrwert.com/campaign/configurations/overview
Domain
www.markenmehrwert.com
URL
https://www.markenmehrwert.com/api-v2/v1/resource/bundle/RetailClientV4?language=de
Domain
www.markenmehrwert.com
URL
https://www.markenmehrwert.com/api-v2/v1/resource/bundle/TraderClient?language=de

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  structuredClone
object    oncontextlost
object    oncontextrestored
function  getScreenDetails
object    webpackJsonpgrohe-cashback-de
function  setImmediate
function  clearImmediate
object    regeneratorRuntime
function  _
object    FontAwesomeConfig
object    ___FONT_AWESOME___
function  $bu_getBrowser
object    _buorgres

0 Cookies

6 Console Messages

Source: javascript, Level: error, URL: https://google.grohe-cashback.de/
Message: Access to XMLHttpRequest at 'https://www.markenmehrwert.com/campaign/configurations/overview' from origin 'https://google.grohe-cashback.de' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.markenmehrwert.com' that is not equal to the supplied origin.

Source: network, Level: error, URL: https://www.markenmehrwert.com/campaign/configurations/overview
Message: Failed to load resource: net::ERR_FAILED

Source: javascript, Level: error, URL: https://google.grohe-cashback.de/
Message: Access to XMLHttpRequest at 'https://www.markenmehrwert.com/api-v2/v1/resource/bundle/TraderClient?language=de' from origin 'https://google.grohe-cashback.de' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.markenmehrwert.com' that is not equal to the supplied origin.

Source: network, Level: error, URL: https://www.markenmehrwert.com/api-v2/v1/resource/bundle/TraderClient?language=de
Message: Failed to load resource: net::ERR_FAILED

Source: javascript, Level: error, URL: https://google.grohe-cashback.de/
Message: Access to XMLHttpRequest at 'https://www.markenmehrwert.com/api-v2/v1/resource/bundle/RetailClientV4?language=de' from origin 'https://google.grohe-cashback.de' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.markenmehrwert.com' that is not equal to the supplied origin.

Source: network, Level: error, URL: https://www.markenmehrwert.com/api-v2/v1/resource/bundle/RetailClientV4?language=de
Message: Failed to load resource: net::ERR_FAILED