todd.grotenhuis.info

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 108.168.157.70, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is todd.grotenhuis.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 4th 2020. Valid for: 3 months.

This is the only time todd.grotenhuis.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.111.4.54 66.111.4.54	11403 (NYINTERNET) (NYINTERNET)
2	108.168.157.70 108.168.157.70	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	3

1 66.111.4.54 (New York, United States) 1 redirects

ASN11403 (NYINTERNET, US)
PTR: web.messagingengine.com

openandsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.168.157.70 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 46.9d.a86c.ip4.static.sl-reverse.com

todd.grotenhuis.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com fonts.gstatic.com	25 KB
2	grotenhuis.info todd.grotenhuis.info	14 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	openandsecure.com 1 redirects openandsecure.com	195 B
5	4

	Domain	Requested by
2	fonts.gstatic.com	fonts.googleapis.com
2	todd.grotenhuis.info	todd.grotenhuis.info
1	fonts.googleapis.com	todd.grotenhuis.info
1	openandsecure.com	1 redirects
5	4

This site contains links to these domains. Also see Links.

Domain
blog.grotenhuis.info
resilient.substack.com
m.facebook.com
www.twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
todd.grotenhuis.info Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://todd.grotenhuis.info/
Frame ID: F5FCBD00BA4873AD3810D2C25F853E24
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://openandsecure.com/ HTTP 302
https://todd.grotenhuis.info/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

40 kB
Transfer

63 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.grotenhuis.info/
Title: Globe

Search URL Search Domain Scan URL

URL: https://resilient.substack.com/
Title: Substack

Search URL Search Domain Scan URL

URL: https://m.facebook.com/toddgrotenhuis
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/toddgrotenhuis
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/toddgrotenhuis/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://openandsecure.com/ HTTP 302
https://todd.grotenhuis.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
todd.grotenhuis.info/
Redirect Chain

https://openandsecure.com/
https://todd.grotenhuis.info/

28 KB
9 KB

485ms
153ms

Document
text/html

108.168.157.70
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://todd.grotenhuis.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.168.157.70 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 46.9d.a86c.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 5bb82d795039f852aaf01f6c77562bd7ea6a6c80dae7580d040b8d1bd6909428

Request headers

Host: todd.grotenhuis.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 00:22:23 GMT
Server: Apache
Last-Modified: Tue, 22 Sep 2020 15:53:04 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Mon, 26 Oct 2020 00:22:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8657
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

status: 302
server: nginx
date: Mon, 26 Oct 2020 00:22:22 GMT
content-type: text/html; charset=iso-8859-1
content-length: 281
x-request-id: web2-1278862-1603671742-66 web2-1278862-1603671742-67
x-backend: web2
location: https://todd.grotenhuis.info
x-frontend: frontend2

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic

Requested by

Host: todd.grotenhuis.info
URL: https://todd.grotenhuis.info/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1beb302ae8c7dd6ceb3fca9fc405d320bbc7671b654a662b9362a5afb1350d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://todd.grotenhuis.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 00:22:23 GMT
server: ESF
date: Mon, 26 Oct 2020 00:22:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Oct 2020 00:22:23 GMT

GET
H/1.1 200
OK image01.jpg
todd.grotenhuis.info/assets/images/ 5 KB
6 KB 150ms
150ms Image
image/jpeg 108.168.157.70
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://todd.grotenhuis.info/assets/images/image01.jpg?v67574899870061
Requested by: Host: todd.grotenhuis.info
URL: https://todd.grotenhuis.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.168.157.70 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 46.9d.a86c.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: bca4f80e3ca0d68f04a681fe1021cb0a96c02c56afd8a028432487684cf82ec5

Request headers

Referer: https://todd.grotenhuis.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 26 Oct 2020 00:22:23 GMT
Last-Modified: Tue, 22 Sep 2020 15:53:04 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5322
Expires: Mon, 02 Nov 2020 00:22:23 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://todd.grotenhuis.info
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:51 GMT
server: sffe
age: 392492
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:51 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZYokSds18S0xR41.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZYokSds18S0xR41.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d3170022ebbb848a38c112ee8434e9fd9a0a83aeb64aec6b45460963f57e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://todd.grotenhuis.info
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 13:01:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:25 GMT
server: sffe
age: 386442
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12172
x-xss-protection: 0
expires: Thu, 21 Oct 2021 13:01:41 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
openandsecure.com
todd.grotenhuis.info
108.168.157.70
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
66.111.4.54
1beb302ae8c7dd6ceb3fca9fc405d320bbc7671b654a662b9362a5afb1350d2b
5bb82d795039f852aaf01f6c77562bd7ea6a6c80dae7580d040b8d1bd6909428
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
bca4f80e3ca0d68f04a681fe1021cb0a96c02c56afd8a028432487684cf82ec5
c7d3170022ebbb848a38c112ee8434e9fd9a0a83aeb64aec6b45460963f57e23

todd.grotenhuis.info Open in urlscan Pro 108.168.157.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

40 kBTransfer

63 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

todd.grotenhuis.info Open in urlscan Pro
108.168.157.70 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

40 kB
Transfer

63 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions