Submitted URL: https://openandsecure.com/
Effective URL: https://todd.grotenhuis.info/
Submission: On October 26 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 108.168.157.70, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is todd.grotenhuis.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 4th 2020. Valid for: 3 months.
This is the only time todd.grotenhuis.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.111.4.54 11403 (NYINTERNET)
2 108.168.157.70 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 3
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 todd.grotenhuis.info todd.grotenhuis.info
1 fonts.googleapis.com todd.grotenhuis.info
1 openandsecure.com 1 redirects
5 4

This site contains links to these domains. Also see Links.

Domain
blog.grotenhuis.info
resilient.substack.com
m.facebook.com
www.twitter.com
www.linkedin.com
Subject Issuer Validity Valid
todd.grotenhuis.info
Let's Encrypt Authority X3
2020-09-04 -
2020-12-03
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://todd.grotenhuis.info/
Frame ID: F5FCBD00BA4873AD3810D2C25F853E24
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://openandsecure.com/ HTTP 302
    https://todd.grotenhuis.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

40 kB
Transfer

63 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://openandsecure.com/ HTTP 302
    https://todd.grotenhuis.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
todd.grotenhuis.info/
Redirect Chain
  • https://openandsecure.com/
  • https://todd.grotenhuis.info/
28 KB
9 KB
Document
General
Full URL
https://todd.grotenhuis.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
108.168.157.70 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
46.9d.a86c.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
5bb82d795039f852aaf01f6c77562bd7ea6a6c80dae7580d040b8d1bd6909428

Request headers

Host
todd.grotenhuis.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 00:22:23 GMT
Server
Apache
Last-Modified
Tue, 22 Sep 2020 15:53:04 GMT
Accept-Ranges
bytes
Cache-Control
max-age=0
Expires
Mon, 26 Oct 2020 00:22:23 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8657
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

status
302
server
nginx
date
Mon, 26 Oct 2020 00:22:22 GMT
content-type
text/html; charset=iso-8859-1
content-length
281
x-request-id
web2-1278862-1603671742-66 web2-1278862-1603671742-67
x-backend
web2
location
https://todd.grotenhuis.info
x-frontend
frontend2
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
Requested by
Host: todd.grotenhuis.info
URL: https://todd.grotenhuis.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1beb302ae8c7dd6ceb3fca9fc405d320bbc7671b654a662b9362a5afb1350d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://todd.grotenhuis.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 00:22:23 GMT
server
ESF
date
Mon, 26 Oct 2020 00:22:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Oct 2020 00:22:23 GMT
image01.jpg
todd.grotenhuis.info/assets/images/
5 KB
6 KB
Image
General
Full URL
https://todd.grotenhuis.info/assets/images/image01.jpg?v67574899870061
Requested by
Host: todd.grotenhuis.info
URL: https://todd.grotenhuis.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
108.168.157.70 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
46.9d.a86c.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
bca4f80e3ca0d68f04a681fe1021cb0a96c02c56afd8a028432487684cf82ec5

Request headers

Referer
https://todd.grotenhuis.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 26 Oct 2020 00:22:23 GMT
Last-Modified
Tue, 22 Sep 2020 15:53:04 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5322
Expires
Mon, 02 Nov 2020 00:22:23 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://todd.grotenhuis.info
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 11:20:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:51 GMT
server
sffe
age
392492
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13008
x-xss-protection
0
expires
Thu, 21 Oct 2021 11:20:51 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZYokSds18S0xR41.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZYokSds18S0xR41.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7d3170022ebbb848a38c112ee8434e9fd9a0a83aeb64aec6b45460963f57e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://todd.grotenhuis.info
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:01:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:25 GMT
server
sffe
age
386442
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12172
x-xss-protection
0
expires
Thu, 21 Oct 2021 13:01:41 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| _scrollToTop

0 Cookies