ww38.worker.granolabar.com
185.53.177.29 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://worker.granolabar.com/ 8mo old
Effective URL:
http://ww38.worker.granolabar.com/ 1mo old
Submission Tags: @phish_report
Submission: On April 13 via api (April 13th 2026, 2:14:03 pm UTC) from FI — Scanned from DE

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 24 HTTP transactions. The main IP is 185.53.177.29, located in Germany and belongs to TEAMINTERNET-AS Team Internet AG, DE. The main domain is ww38.worker.granolabar.com. 1mo old

This is the only time ww38.worker.granolabar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	103.224.182.243 103.224.182.243	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	2600:9000:201... 2600:9000:2013:9c00:11:884b:9e40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	185.53.177.29 185.53.177.29	61969 (TEAMINTER...) (TEAMINTERNET-AS Team Internet AG)
1	2600:9000:20e... 2600:9000:20e8:400:9:f0bc:eec0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC - Confluence Networks Inc)
3	2a05:d018:56f... 2a05:d018:56f:b802:834:8d0e:be2f:5ebe	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	199.191.50.135 199.191.50.135	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC - Confluence Networks Inc)
24	10

4 103.224.182.243 (San Diego, United States) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-243.above.com

worker.granolabar.com 8mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:2013:9c00:11:884b:9e40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ob.sd559908.js.htttrack.com 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

obs.sd559908.js.htttrack.com 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 185.53.177.29 (Germany)

ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)

ww38.worker.granolabar.com 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:20e8:400:9:f0bc:eec0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

euob.primecirclenet.com 2mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG)

yfdnzfa.com 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a05:d018:56f:b802:834:8d0e:be2f:5ebe (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

obseu.primecirclenet.com 2mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.114.97.3 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

l.cdn-fileserver.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 199.191.50.135 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG)

searchnowexpert.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
7	granolabar.com 1 redirects worker.granolabar.com 8mo old ww38.worker.granolabar.com 1mo old	42 KB
4	primecirclenet.com euob.primecirclenet.com — Cisco Umbrella Rank: 143850 2mo old obseu.primecirclenet.com — Cisco Umbrella Rank: 114124 2mo old	46 KB
4	htttrack.com ob.sd559908.js.htttrack.com — Cisco Umbrella Rank: 384769 4mo old obs.sd559908.js.htttrack.com — Cisco Umbrella Rank: 374161 4mo old	46 KB
1	searchnowexpert.com searchnowexpert.com — Cisco Umbrella Rank: 616591 1yr old
1	cdn-fileserver.com l.cdn-fileserver.com — Cisco Umbrella Rank: 92919 1yr old s.cdn-fileserver.com Failed 1yr old	658 B
1	yfdnzfa.com yfdnzfa.com — Cisco Umbrella Rank: 875932 10mo old	4 KB
0	yimg.com Failed s.yimg.com Failed 13yr old
0	microsoft.com Failed msadsscale.microsoft.com Failed 1yr old
0	clarity.ms Failed scripts.clarity.ms Failed 10mo old
24	9

	Domain	Requested by
4	worker.granolabar.com	1 redirects worker.granolabar.com
3	obseu.primecirclenet.com	euob.primecirclenet.com ww38.worker.granolabar.com
3	ww38.worker.granolabar.com	worker.granolabar.com ww38.worker.granolabar.com
3	obs.sd559908.js.htttrack.com	ob.sd559908.js.htttrack.com worker.granolabar.com
1	searchnowexpert.com	yfdnzfa.com
1	l.cdn-fileserver.com	yfdnzfa.com
1	yfdnzfa.com	ww38.worker.granolabar.com
1	euob.primecirclenet.com	ww38.worker.granolabar.com
1	ob.sd559908.js.htttrack.com	worker.granolabar.com
0	s.cdn-fileserver.com Failed	searchnowexpert.com
0	s.yimg.com Failed	yfdnzfa.com
0	msadsscale.microsoft.com Failed	yfdnzfa.com
0	scripts.clarity.ms Failed	yfdnzfa.com
24	13

This site contains links to these domains. Also see Links.

Domain
www.mydomaincontact.com

Subject Issuer	Validity	Valid
331870.vip R12	`2026-03-02` - `2026-05-31`	3mo	crt.sh
*.sd559908.js.htttrack.com Amazon RSA 2048 M04	`2026-01-05` - `2027-02-03`	1yr	crt.sh
*.primecirclenet.com Amazon RSA 2048 M04	`2026-01-29` - `2027-02-27`	1yr	crt.sh
yfdnzfa.com R12	`2026-03-20` - `2026-06-18`	3mo	crt.sh
cdn-fileserver.com WE1	`2026-03-28` - `2026-06-26`	3mo	crt.sh
searchnowexpert.com R12	`2026-02-22` - `2026-05-23`	3mo	crt.sh

This page contains 3 frames:

Primary Page: http://ww38.worker.granolabar.com/
Frame ID: CC0D6A130080F0231C43ED48254DB4E2
Requests: 17 HTTP requests in this frame

Frame: https://yfdnzfa.com/?dn=granolabar.com&pid=9PO755G95
Frame ID: 7F6470E285E6CA3D078E0ABB5C6B2003
Requests: 2 HTTP requests in this frame

Frame: https://searchnowexpert.com/sr/754870121/SAFEFRAME.html?ule=946&%21q%2A7c=&%2A%21vo%2Ai=~jjC%3A%2F%2FH%2Ap_Giprp%2A0qG.&.SCp=y&1r7c=&6S~C=y&6iSjC=y&7S7c=y&7_jqi=tk21m%29z2x%3AOu5%7C3%21t2%3AQYb07o0o7g0Lg&97=V%29%29WytYWBtUyzWtUVy%29&C7c=&G7c=qqUBYyf%293rYfQ3B%29fY3pWtV3z%29zc%29frQ%29pcp&GipQ=G_%21&HcC%2A=V&HcC%2Aq_Sj=&O6%2AQ=~jjC%3A%2F%2F66ft06G%2AO%21%2A0H%2Ap_Giprp%2A0qG.%2F&Oc=&QS=&S7e%21=VVzBhWtY&SSic=%7B%22SSqq%22%3A%22T2%22%2C%22SSqjZ%22%3A%22Q%2Ap_OQo%2Aj+p.+.p7_%22%2C%22SS7C%22%3A%22%22%2C%22SSSq%22%3A%22L2%22%7D&Sq=L2&Src%2AAc=&ZCiC=&ZcSC%2A=&Zr_IqqI%21hC=&_.%21%2A%2A=V&_j9=&c%21q...=&c.%2AQ=V&htmlsrc=1&iUjZC%21=c.Gip&jSq%21=MVVYt&kkdd=Hh%7Ch%7CA%2A93uHn&oHc=B&oSC%21_Q=y&pCJo=&pc9=&pcG.p7_=&pcjU=&pcjV=&pqj=8uA_%2Fh%28eppuPuoHvf%2F%21ephfo%2F%21huPQ%2F%28vHP&prQi67c=9U&q%2A7c=%29%29BU%29UWty&q7c=tJ-Ufy%29fU&qc9=5fyzW&qjC7c=&qq=T2&q~_.U=GS9BI7_jq&q~_.f=Y85%29zzFYz&r%21=y&r7c=&r7c9U=&rc%2AAc=&rp%21=&tpid=&~jjCS=V&eobd=&eoac=RvYbkNvbY&ure=1
Frame ID: 4EC657CCF88A1DBFA42029D64DFABB9F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

granolabar.com

Page URL History Show full URLs

http://worker.granolabar.com/ HTTP 307
https://worker.granolabar.com/ Page URL
http://worker.granolabar.com/?tr_uuid=20260414-0014-045a-93e9-6f5df79c68a4&fp=0c86acbfa86dc070abd86c3e2f7... HTTP 307
https://worker.granolabar.com/?tr_uuid=20260414-0014-045a-93e9-6f5df79c68a4&fp=0c86acbfa86dc070abd86c3e2f7... HTTP 302
http://ww38.worker.granolabar.com/ HTTP 307
https://ww38.worker.granolabar.com/ HTTP 307
http://ww38.worker.granolabar.com/ Page URL

Page Statistics

24
Requests

58 %
HTTPS

44 %
IPv6

9
Domains

13
Subdomains

10
IPs

5
Countries

139 kB
Transfer

340 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mydomaincontact.com/?domain_name=granolabar.com
Title: Informationen zu dieser Domain

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://worker.granolabar.com/ HTTP 307
https://worker.granolabar.com/ Page URL
http://worker.granolabar.com/?tr_uuid=20260414-0014-045a-93e9-6f5df79c68a4&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=e33487a64bc21d9701219e4baf2d85a1 HTTP 307
https://worker.granolabar.com/?tr_uuid=20260414-0014-045a-93e9-6f5df79c68a4&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=e33487a64bc21d9701219e4baf2d85a1 HTTP 302
http://ww38.worker.granolabar.com/ HTTP 307
https://ww38.worker.granolabar.com/ HTTP 307
http://ww38.worker.granolabar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://worker.granolabar.com/ HTTP 307
https://worker.granolabar.com/

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
worker.granolabar.com/
Redirect Chain

http://worker.granolabar.com/
https://worker.granolabar.com/

3 KB
1 KB

716ms
212ms

Document
text/html

103.224.182.243
TRELLIAN-AS-AP Tr...

General

Domain/Path	Expires	Name / Value
worker.granolabar.com/	1970-01-21 22:57:29	Name: __tad Value: 1776089644.1380551
.granolabar.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1776089644.E58LukYwrT8zagw9
.granolabar.com/	1970-01-21 22:57:29	Name: _cq_session Value: 1.1776089644531.iME4Wq8is3pMzciF.1776089644529
obs.sd559908.js.htttrack.com/	1970-01-21 21:25:20	Name: cg_uuid Value: d38bb92bb37d5feacc30132315b42239
.granolabar.com/	1970-01-21 22:07:05	Name: _cq_duid Value: 4.6495925ec34f2a3733a5ae31643cefb3
.granolabar.com/	1970-01-21 22:07:05	Name: _cq_pvid Value: 4.e33487a64bc21d9701219e4baf2d85a1
obseu.primecirclenet.com/	1970-01-21 21:25:20	Name: cg_uuid Value: 0d24a8792f64f531de47142caf766544

Source	Level	URL Text
rendering	warning	URL: https://worker.granolabar.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2FC064510A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
worker	warning	URL: https://worker.granolabar.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2FC064930A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://worker.granolabar.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2FC0644E0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://worker.granolabar.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://ww38.worker.granolabar.com/chronos?dune=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Yapb0-u89_b_kvpdsF2pTrvQQwMf8Zp7cgDLjzzQ5gEKKlJJe-kJ5w.2SL_trCVcgZBibS8MCTSQQ.CnzE-gCXU3MTuyhpOLWplnvio_vtu8DBu7PlDyonHTsGNTL-ncc4bRYqPddRIefqun4kUyXuQCLywdBfkkiyYTgidMBa8kPE4JYB0MwnWSW985C3ipAlWuLNL9sZs8yt4KOqSzAH-IFp3SEgf4NcrXcjyO73ZjqLw8r7wPLHFGpPsy5Sg8yh7Ndz1xtDpmxkQikzJDRA0vek_Et4fSwwhg.IN7pEG4ZhhcwfgulEQIJtQ&t=69dcfa30&token=7a000801207457e3d61cdfb36ad29916a1fac824 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
rendering	warning	URL: http://ww38.worker.granolabar.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2FC0644E0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
worker	warning	URL: http://ww38.worker.granolabar.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2FC064510A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

ww38.worker.granolabar.com 185.53.177.29 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

58 %HTTPS

44 %IPv6

9 Domains

13 Subdomains

10 IPs

5 Countries

139 kBTransfer

340 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Window variables

7 Cookies

7 Console Messages

Indicators

ww38.worker.granolabar.com
185.53.177.29 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

24
Requests

58 %
HTTPS

44 %
IPv6

9
Domains

13
Subdomains

10
IPs

5
Countries

139 kB
Transfer

340 kB
Size

7
Cookies

24 HTTP transactions
0 data transactions