tomgreuter.nl Open in urlscan Pro
2a03:3c00:a002:201::1000 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://front-ender.nl/
Effective URL:
https://tomgreuter.nl/
Submission: On June 13 via api (June 13th 2024, 1:02:57 am UTC) from US — Scanned from NL

Summary HTTP 17 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2a03:3c00:a002:201::1000, located in Netherlands and belongs to PREVIDER-AS, NL. The main domain is tomgreuter.nl.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.

This is the only time tomgreuter.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:2350:5:1... 2a02:2350:5:113:80b3:3eb4:9ed9:4d75	51468 (ONECOM) (ONECOM)
17	2a03:3c00:a00... 2a03:3c00:a002:201::1000	20847 (PREVIDER-AS) (PREVIDER-AS)
17	1

1 2a02:2350:5:113:80b3:3eb4:9ed9:4d75 (Copenhagen, Denmark) 1 redirects

ASN51468 (ONECOM, DK)

front-ender.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:3c00:a002:201::1000 (Netherlands)

ASN20847 (PREVIDER-AS, NL)

tomgreuter.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tomgreuter.nl tomgreuter.nl	81 KB
1	front-ender.nl 1 redirects front-ender.nl	278 B
17	2

	Domain	Requested by
17	tomgreuter.nl	tomgreuter.nl
1	front-ender.nl	1 redirects
17	2

This site contains links to these domains. Also see Links.

Domain
fronteers.nl
info.nl
techblog.tomgreuter.nl
www.linkedin.com
www.cloudnatix.com
www.incentro.com
www.leenbakker.nl
belastingdienst.nl
appietoday.nl
getreally.com
sanoma.nl
ezwim.com
greypossible.nl
albelli.nl
klm.nl
breman.nl
klm.com
ideal.ing.nl

Subject Issuer	Validity	Valid
www.tomgreuter.nl R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tomgreuter.nl/
Frame ID: E95ACD8A85B1471E954F7080BA6B09D7
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tom greuter - freelance front-end web developer

Page URL History Show full URLs

https://front-ender.nl/ HTTP 302
http://tomgreuter.nl/ HTTP 307
https://tomgreuter.nl/ Page URL

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

81 kB
Transfer

96 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://fronteers.nl/
Title: Fronteers

Search URL Search Domain Scan URL

URL: http://info.nl/
Title: info.nl

Search URL Search Domain Scan URL

URL: https://techblog.tomgreuter.nl/
Title: I blog

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/in/tomgreuter
Title: Linkedin profile

Search URL Search Domain Scan URL

URL: https://www.cloudnatix.com/

Search URL Search Domain Scan URL

URL: https://www.incentro.com/

Search URL Search Domain Scan URL

URL: https://www.leenbakker.nl/
Title: Leenbakker.nl

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/feed/update/urn:li:activity:6719699361971994624/

Search URL Search Domain Scan URL

URL: https://belastingdienst.nl/

Search URL Search Domain Scan URL

URL: https://appietoday.nl/

Search URL Search Domain Scan URL

URL: https://getreally.com/

Search URL Search Domain Scan URL

URL: http://sanoma.nl/

Search URL Search Domain Scan URL

URL: http://ezwim.com/

Search URL Search Domain Scan URL

URL: http://greypossible.nl/

Search URL Search Domain Scan URL

URL: http://albelli.nl/

Search URL Search Domain Scan URL

URL: http://klm.nl/

Search URL Search Domain Scan URL

URL: http://breman.nl/

Search URL Search Domain Scan URL

URL: http://klm.com/
Title: klm.com

Search URL Search Domain Scan URL

URL: https://ideal.ing.nl/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://front-ender.nl/ HTTP 302
http://tomgreuter.nl/ HTTP 307
https://tomgreuter.nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tomgreuter.nl/ Redirect Chain https://front-ender.nl/ http://tomgreuter.nl/ https://tomgreuter.nl/	14 KB 3 KB	105ms 22ms	Document text/html	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Full URL https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `9b511d15aa4b1ed7a9140f499b56f909b8d9ed1e4c51d3a7c8f87db9ab50728a` Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-encoding gzip content-length 3271 content-type text/html date Thu, 13 Jun 2024 01:02:52 GMT etag "395a-5f48580e0cd38-gzip" last-modified Sun, 12 Feb 2023 19:11:53 GMT server Apache vary User-Agent,Accept-Encoding Redirect headers Location https://tomgreuter.nl/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	main.css tomgreuter.nl/	4 KB 1 KB	719ms 718ms	Stylesheet text/css	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Full URL https://tomgreuter.nl/main.css Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `18eaa85d4bacefa00dbb499abebb299a534eb030903eb6812ed1d300d3d56ece` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT content-encoding gzip last-modified Sun, 26 Sep 2021 09:11:12 GMT server Apache etag "104e-5cce25c9d0397-gzip" vary User-Agent,Accept-Encoding content-type text/css accept-ranges bytes content-length 1204
GET H2	200	logo-cloudnatix.png tomgreuter.nl/images/	12 KB 12 KB	718ms 717ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-cloudnatix.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `541a672cda346d1aa349e905ee72a84046d68fb14920ee4e6a500bfdf9007edb` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:54 GMT server Apache etag "2fcd-5cce25b909d82" vary User-Agent content-type image/png accept-ranges bytes content-length 12237
GET H2	200	logo-incentro.svg tomgreuter.nl/images/	1 KB 1 KB	22ms 22ms	Image image/svg+xml	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-incentro.svg Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `9398ab82cc32122fb0136b755b97026381241f376a033a180050eb13ab9c7e95` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:55 GMT server Apache etag "4fd-5cce25b9df76f" vary User-Agent content-type image/svg+xml accept-ranges bytes content-length 1277
GET H2	200	logo-happytags.svg tomgreuter.nl/images/	2 KB 2 KB	891ms 891ms	Image image/svg+xml	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-happytags.svg Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `5f91f0743cb0f2486b3f28209648cb2a0aa2f480e6907b97f8289e8cc9beb9f7` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:54 GMT server Apache etag "84c-5cce25b988104" vary User-Agent content-type image/svg+xml accept-ranges bytes content-length 2124
GET H2	200	logo-belastingdienst.png tomgreuter.nl/images/	3 KB 3 KB	883ms 883ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-belastingdienst.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `629fb0c4df844710f5ed3d2f807ac4fac53631a888d3368e8df44d5ed47589fb` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:53 GMT server Apache etag "bef-5cce25b893700" vary User-Agent content-type image/png accept-ranges bytes content-length 3055
GET H2	200	logo-appietoday.jpg tomgreuter.nl/images/	4 KB 4 KB	884ms 884ms	Image image/jpeg	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-appietoday.jpg Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `12c351224d73ea16f76721b9aa32cc85db1f67904a03c02500fb90cb31a98d27` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:53 GMT server Apache etag "1127-5cce25b816aee" vary User-Agent content-type image/jpeg accept-ranges bytes content-length 4391
GET H2	200	logo-really.png tomgreuter.nl/images/	9 KB 9 KB	882ms 882ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-really.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `4a2fa73210f9368af0eb965a38b607df239d5257b1412077152400384845df68` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:55 GMT server Apache etag "23aa-5cce25ba27f93" vary User-Agent content-type image/png accept-ranges bytes content-length 9130
GET H2	200	logo-sanoma.png tomgreuter.nl/images/	2 KB 2 KB	882ms 882ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-sanoma.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `8d00c2f8d77a219f1c1bb90978d47e80706a587ea52d3700ad1db87e241fbeaf` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:55 GMT server Apache etag "99f-5cce25ba3a0a2" vary User-Agent content-type image/png accept-ranges bytes content-length 2463
GET H2	200	logo-ezwim.jpg tomgreuter.nl/images/	12 KB 12 KB	889ms 889ms	Image image/jpeg	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-ezwim.jpg Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `e9a12680952f49d4974afe02441a683b55103699bbf5a666d41816559c8dab0e` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:54 GMT server Apache etag "2e24-5cce25b8ee803" vary User-Agent content-type image/jpeg accept-ranges bytes content-length 11812
GET H2	200	logo-grey.png tomgreuter.nl/images/	5 KB 5 KB	888ms 885ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-grey.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `ea52ca163b7c5dc6396f5b646cd754aa5ca3ebe1dc34e1e9df8bc08635f57633` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:54 GMT server Apache etag "1572-5cce25b960066" vary User-Agent content-type image/png accept-ranges bytes content-length 5490
GET H2	200	logo-albelli.svg tomgreuter.nl/images/	5 KB 5 KB	885ms 885ms	Image image/svg+xml	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-albelli.svg Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `0ce6834d1507dc549eff2428b876c70b94fdc2cb57a75c3a02ce40a4f2def8ec` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:53 GMT server Apache etag "133e-5cce25b816aee" vary User-Agent content-type image/svg+xml accept-ranges bytes content-length 4926
GET H2	200	logo-klm.png tomgreuter.nl/images/	2 KB 2 KB	885ms 885ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-klm.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `ac75e632212cbef6ed861f4f7982b1c72fba32ca462f71fbebbca2d6bf4c071b` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:55 GMT server Apache etag "7cd-5cce25ba1e73c" vary User-Agent content-type image/png accept-ranges bytes content-length 1997
GET H2	200	logo-breman.svg tomgreuter.nl/images/	5 KB 5 KB	885ms 885ms	Image image/svg+xml	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-breman.svg Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `1ec95545a0ff63ab10aeb46e9fdd7be322b65dc6db1c9a9f0d13fa25ad543921` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:53 GMT server Apache etag "1437-5cce25b894a88" vary User-Agent content-type image/svg+xml accept-ranges bytes content-length 5175
GET H2	200	logo-ing.png tomgreuter.nl/images/	13 KB 13 KB	885ms 885ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-ing.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `6c437cf40564e34eb83dd85017b1204bdb31d330a402621df7e295c35320cee4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:55 GMT server Apache etag "344b-5cce25ba0703d" vary User-Agent content-type image/png accept-ranges bytes content-length 13387
GET H2	200	logo-klm.png tomgreuter.nl/images/	2 KB 0	883ms 883ms	Image image/png	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tomgreuter.nl/images/logo-klm.png Requested by Host: tomgreuter.nl URL: https://tomgreuter.nl/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `ac75e632212cbef6ed861f4f7982b1c72fba32ca462f71fbebbca2d6bf4c071b` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:52 GMT last-modified Sun, 26 Sep 2021 09:10:55 GMT server Apache etag "7cd-5cce25ba1e73c" vary User-Agent content-type image/png accept-ranges bytes content-length 1997
GET H2	404	favicon.ico tomgreuter.nl/	484 B 530 B	103ms 102ms	Other text/html	2a03:3c00:a002:201::1000 PREVIDER-AS
General Check archive.org Show headers Download Go to Full URL https://tomgreuter.nl/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:3c00:a002:201::1000 , Netherlands, ASN20847 (PREVIDER-AS, NL), Reverse DNS Software Apache / Resource Hash `6945654b2c3691f223919720715e674976eb9c8c288b3aaff2b434fde719e8b9` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://tomgreuter.nl/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 01:02:53 GMT server Apache accept-ranges bytes content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tomgreuter.nl/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

front-ender.nl
tomgreuter.nl
2a02:2350:5:113:80b3:3eb4:9ed9:4d75
2a03:3c00:a002:201::1000
0ce6834d1507dc549eff2428b876c70b94fdc2cb57a75c3a02ce40a4f2def8ec
12c351224d73ea16f76721b9aa32cc85db1f67904a03c02500fb90cb31a98d27
18eaa85d4bacefa00dbb499abebb299a534eb030903eb6812ed1d300d3d56ece
1ec95545a0ff63ab10aeb46e9fdd7be322b65dc6db1c9a9f0d13fa25ad543921
4a2fa73210f9368af0eb965a38b607df239d5257b1412077152400384845df68
541a672cda346d1aa349e905ee72a84046d68fb14920ee4e6a500bfdf9007edb
5f91f0743cb0f2486b3f28209648cb2a0aa2f480e6907b97f8289e8cc9beb9f7
629fb0c4df844710f5ed3d2f807ac4fac53631a888d3368e8df44d5ed47589fb
6945654b2c3691f223919720715e674976eb9c8c288b3aaff2b434fde719e8b9
6c437cf40564e34eb83dd85017b1204bdb31d330a402621df7e295c35320cee4
8d00c2f8d77a219f1c1bb90978d47e80706a587ea52d3700ad1db87e241fbeaf
9398ab82cc32122fb0136b755b97026381241f376a033a180050eb13ab9c7e95
9b511d15aa4b1ed7a9140f499b56f909b8d9ed1e4c51d3a7c8f87db9ab50728a
ac75e632212cbef6ed861f4f7982b1c72fba32ca462f71fbebbca2d6bf4c071b
e9a12680952f49d4974afe02441a683b55103699bbf5a666d41816559c8dab0e
ea52ca163b7c5dc6396f5b646cd754aa5ca3ebe1dc34e1e9df8bc08635f57633

tomgreuter.nl Open in urlscan Pro 2a03:3c00:a002:201::1000 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

81 kBTransfer

96 kBSize

0 Cookies

19 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

tomgreuter.nl Open in urlscan Pro
2a03:3c00:a002:201::1000 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

81 kB
Transfer

96 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!