sepatool.levering.eu Open in urlscan Pro
84.22.108.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sepatool.levering.eu/
Submission: On October 07 via automatic, source certstream-suspicious (October 7th 2024, 12:10:35 am UTC) — Scanned from NL

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 84.22.108.85, located in Woerden, Netherlands and belongs to TILAA, NL. The main domain is sepatool.levering.eu.
TLS certificate: Issued by R10 on August 24th 2024. Valid for: 3 months.

This is the only time sepatool.levering.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
12	84.22.108.85 84.22.108.85		196752 (TILAA) (TILAA)
1	172.67.69.29 172.67.69.29		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.74 142.250.186.74		15169 (GOOGLE) (GOOGLE)
3	142.250.185.67 142.250.185.67		15169 (GOOGLE) (GOOGLE)
17	4

12 84.22.108.85 (Woerden, Netherlands)

ASN196752 (TILAA, NL)
PTR: adresbak.nl

sepatool.levering.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.29 (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	levering.eu sepatool.levering.eu	506 KB
3	gstatic.com fonts.gstatic.com	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	ionicframework.com code.ionicframework.com — Cisco Umbrella Rank: 20162	9 KB
17	4

	Domain	Requested by
12	sepatool.levering.eu	sepatool.levering.eu
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	sepatool.levering.eu
1	code.ionicframework.com	sepatool.levering.eu
17	4

This site contains no links.

Subject Issuer	Validity	Valid
sepatool.levering.eu R10	`2024-08-24` - `2024-11-22`	3 months	crt.sh
ionicframework.com WE1	`2024-09-10` - `2024-12-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sepatool.levering.eu/
Frame ID: 77A4FAEE9FC0C906325EC0320F969EBF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

To sepa

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]{1,512}\bwire:
livewire(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

559 kB
Transfer

2276 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sepatool.levering.eu/ 25 KB
5 KB 556ms
154ms Document
text/html 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 / PHP/7.4.33
Resource Hash: 8332443c8a068eb8d43ccc81f722c65f1cc3e163e30360b9501e6a539ef3d290

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-length: 4164
content-type: text/html; charset=UTF-8
date: Mon, 07 Oct 2024 00:10:29 GMT
server: Apache/2
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33

GET
H2 200 all.min.css
sepatool.levering.eu/plugins/fontawesome-free/css/ 55 KB
12 KB 38ms
36ms Stylesheet
text/css 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/plugins/fontawesome-free/css/all.min.css
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "dcc5-5917e26001640-gzip"
accept-ranges: bytes
content-length: 12274
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H3 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 77ms
32ms Stylesheet
text/css 172.67.69.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

Requested by

Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.69.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

x-fastly-request-id: eb7e91cf7dd4310bab29402e1233362bb496d5c0
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64382bc3-c854"
age: 23164
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qf2FyjFR5qJH2k2e6cqgP5MYjgOlLDILa7X%2BAhjzp4xEiferVXEKShiDtW%2FH%2BmRFAQcOrgy1BYE08D%2FSFPWFfTRa4p9tK8cabNYmVDqGH69iqd3DzX3bjM0Z3TRPKLh%2BYvz3enlN944c"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 1E55:309A66:59AFFA2:5BC7C0A:66E8B53E
x-content-type-options: nosniff
expires: Mon, 16 Sep 2024 22:56:22 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Mon, 07 Oct 2024 00:10:30 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
x-served-by: cache-ams2100142-AMS
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=15552000
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728236666.445839,VS0,VE2
via: 1.1 varnish
cf-ray: 8ce9ab2299809f1d-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8313
server: cloudflare

GET
H2 200 adminlte.min.css
sepatool.levering.eu/dist/css/ 497 KB
59 KB 54ms
52ms Stylesheet
text/css 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/dist/css/adminlte.min.css
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: adfdee7bb69039c08fe1d9f53c31ec0f0414e536d8b04b4af345290a7753620b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "7c464-5917e26001640-gzip"
accept-ranges: bytes
content-length: 60077
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 735ms
332ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Requested by

Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

69a9c4e5382e726953388c127e20fb512082e22535e8c23a743642b4f8ffbdc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 00:10:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 00:10:30 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 06 Oct 2024 23:30:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 app.js Show response
sepatool.levering.eu/js/ 1 MB
245 KB 34ms
34ms Script
application/javascript 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/js/app.js
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 11ccaf9fe91b7ed30df02605a7496f3c8d638169ae0d5dba5c6d9fc3fef6b48f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "117fc7-5912ee97782c0-gzip"
accept-ranges: bytes
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Wed, 28 Aug 2019 15:19:15 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 AdminLTELogo.png
sepatool.levering.eu/dist/img/ 10 KB
10 KB 21ms
20ms Image
image/png 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sepatool.levering.eu/dist/img/AdminLTELogo.png
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 92af06833886bd48cb14b00faa6d70220b3eb7a651f12c5d6f38501ac910dd6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

accept-ranges: bytes
content-length: 10380
etag: "288c-5917e26001640"
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
content-type: image/png
server: Apache/2

GET
H2 200 jquery.min.js Show response
sepatool.levering.eu/plugins/jquery/ 86 KB
30 KB 46ms
45ms Script
application/javascript 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/plugins/jquery/jquery.min.js
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "15851-5917e26001640-gzip"
accept-ranges: bytes
content-length: 30677
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 bootstrap.bundle.min.js Show response
sepatool.levering.eu/plugins/bootstrap/js/ 77 KB
22 KB 26ms
25ms Script
application/javascript 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "1332b-5917e26001640-gzip"
accept-ranges: bytes
content-length: 22295
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 fastclick.js Show response
sepatool.levering.eu/plugins/fastclick/ 25 KB
7 KB 31ms
30ms Script
application/javascript 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/plugins/fastclick/fastclick.js
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "656d-5917e26001640-gzip"
accept-ranges: bytes
content-length: 7608
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 adminlte.min.js Show response
sepatool.levering.eu/dist/js/ 19 KB
5 KB 19ms
18ms Script
application/javascript 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/dist/js/adminlte.min.js
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 34e3708c15b07aea0577e21e4e1564aae41088b73d338a5ddeb3a4434344da56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

content-encoding: gzip
etag: "4bfa-5917e26001640-gzip"
accept-ranges: bytes
content-length: 4783
date: Mon, 07 Oct 2024 00:10:29 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2
content-type: application/javascript

GET
H2 200 livewire.js Show response
sepatool.levering.eu/livewire/ 186 KB
37 KB 130ms
130ms Script
application/javascript 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/livewire/livewire.js?id=5e2e14cca33bfab61b2e
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 / PHP/7.4.33
Resource Hash: afa7b5e8d4c3a0ad6491e24e4733af7d514380b29cae1cfde6e5aeb124a372f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

server: Apache/2
cache-control: max-age=31536000, public
content-encoding: gzip
expires: Tue, 07 Oct 2025 00:10:30 GMT
accept-ranges: bytes
content-length: 37886
date: Mon, 07 Oct 2024 00:10:30 GMT
last-modified: Sun, 08 Sep 2019 02:21:06 GMT
x-powered-by: PHP/7.4.33
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8

GET
H2 200 fa-solid-900.woff2
sepatool.levering.eu/plugins/fontawesome-free/webfonts/ 74 KB
74 KB 24ms
22ms Font
application/octet-stream 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/plugins/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: sepatool.levering.eu
URL: https://sepatool.levering.eu/plugins/fontawesome-free/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sepatool.levering.eu
Referer: https://sepatool.levering.eu/plugins/fontawesome-free/css/all.min.css

Response headers

accept-ranges: bytes
content-encoding: gzip
etag: "12690-5917e26001640-gzip"
date: Mon, 07 Oct 2024 00:10:30 GMT
last-modified: Sun, 01 Sep 2019 13:51:13 GMT
vary: Accept-Encoding,User-Agent
server: Apache/2

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 97ms
25ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sepatool.levering.eu
Referer: https://fonts.googleapis.com/

Response headers

age: 526150
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 22:01:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 22:01:20 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 105ms
34ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sepatool.levering.eu
Referer: https://fonts.googleapis.com/

Response headers

age: 201700
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 16:08:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 16:08:50 GMT
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14780
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 94ms
23ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://sepatool.levering.eu
Referer: https://fonts.googleapis.com/

Response headers

age: 150496
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 05 Oct 2025 06:22:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 06:22:14 GMT
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14712
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.ico
sepatool.levering.eu/ 0
78 B 16ms
15ms Other
image/x-icon 84.22.108.85
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://sepatool.levering.eu/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.22.108.85 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS: adresbak.nl
Software: Apache/2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://sepatool.levering.eu/

Response headers

etag: "0-5912c96413e40"
accept-ranges: bytes
content-length: 0
date: Mon, 07 Oct 2024 00:10:30 GMT
last-modified: Wed, 28 Aug 2019 12:32:49 GMT
vary: User-Agent
server: Apache/2
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap function| FastClick object| adminlte function| _ function| Popper function| axios object| Turbolinks function| setImmediate function| clearImmediate function| Livewire object| livewire string| livewire_token function| default

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sepatool.levering.eu/	1970-01-21 00:04:27	Name: XSRF-TOKEN Value: eyJpdiI6IlNWQUtpVm50Q1Ftc1VLWkJKdFFJS3c9PSIsInZhbHVlIjoiUlh6c0tpWDdCZWd2RHNDa3pLaXpNTXRGVVQ4dExGUWhleFwvV2IraHdLTm94ak9JVk1RQzNyTWxZVEFGVG0rSGYiLCJtYWMiOiI4NTY5MDQxNWI4NGE1NDI3ZmI5Nzc5ZDc0NDY1NDZiODYxMmE3YTQ5ZjNhN2ZkYmFmZWQ1ZjM5ZTk4MThmMTM3In0%3D
			sepatool.levering.eu/	1970-01-21 00:04:27	Name: to_sepa_session Value: eyJpdiI6IlAxRVBBWkRYckxoOEQweEVudmNNXC9RPT0iLCJ2YWx1ZSI6IjJpWXdsblhsUDdPRFVpNmoyeFpuMVBKTG5HQmRWUlcxbVllQmRGbno4UXJmM2QrRUFqWTlPdjdPMzhDK09icmYiLCJtYWMiOiJkOWEwN2VhOWJkMTI0NGQ3ZDFhMDU0NWY1OTZjNGZjNmVlZGJjM2UxMTJiMTliYjYzZGUyNmUzODI4NzYzYjVmIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.ionicframework.com
fonts.googleapis.com
fonts.gstatic.com
sepatool.levering.eu
142.250.185.67
142.250.186.74
172.67.69.29
84.22.108.85
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11ccaf9fe91b7ed30df02605a7496f3c8d638169ae0d5dba5c6d9fc3fef6b48f
1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5
34e3708c15b07aea0577e21e4e1564aae41088b73d338a5ddeb3a4434344da56
69a9c4e5382e726953388c127e20fb512082e22535e8c23a743642b4f8ffbdc1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
8332443c8a068eb8d43ccc81f722c65f1cc3e163e30360b9501e6a539ef3d290
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
92af06833886bd48cb14b00faa6d70220b3eb7a651f12c5d6f38501ac910dd6b
adfdee7bb69039c08fe1d9f53c31ec0f0414e536d8b04b4af345290a7753620b
afa7b5e8d4c3a0ad6491e24e4733af7d514380b29cae1cfde6e5aeb124a372f4
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855