URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Submission: On November 08 via manual from IN — Scanned from CA

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 159.69.48.31, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is app.marmof.com.
TLS certificate: Issued by E6 on September 10th 2024. Valid for: 3 months.
This is the only time app.marmof.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 159.69.48.31 24940 (HETZNER-AS)
1 2600:9000:284... 16509 (AMAZON-02)
2 143.198.242.75 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a02:6ea0:c45... 60068 (CDN77 _)
1 162.19.169.11 16276 (OVH)
17 8
Apex Domain
Subdomains
Transfer
7 marmof.com
app.marmof.com
marmof.com Failed
207 KB
3 bablosoft.com
customfingerprints.bablosoft.com — Cisco Umbrella Rank: 168630
fingerprints.bablosoft.com — Cisco Umbrella Rank: 273319
667 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 9060
2 KB
2 ui-avatars.com
ui-avatars.com — Cisco Umbrella Rank: 45763
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
71 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 23281
5 KB
17 6
Domain Requested by
7 app.marmof.com app.marmof.com
2 plausible.io www.googletagmanager.com
plausible.io
2 ui-avatars.com app.marmof.com
2 customfingerprints.bablosoft.com app.marmof.com
customfingerprints.bablosoft.com
1 fingerprints.bablosoft.com customfingerprints.bablosoft.com
1 www.googletagmanager.com app.marmof.com
1 r.wdfl.co app.marmof.com
0 marmof.com Failed app.marmof.com
17 8

This site contains links to these domains. Also see Links.

Domain
jrr.califragilist.com
Subject Issuer Validity Valid
marmof.com
E6
2024-09-10 -
2024-12-09
3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M02
2024-08-02 -
2025-08-30
a year crt.sh
customfingerprints.bablosoft.com
R10
2024-10-10 -
2025-01-08
3 months crt.sh
ui-avatars.com
WE1
2024-11-02 -
2025-01-31
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
plausible.io
R11
2024-10-16 -
2025-01-14
3 months crt.sh
fingerprints.bablosoft.com
R10
2024-10-10 -
2025-01-08
3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Frame ID: 3BE38A5CA9284925AD0BED6D6F1C3429
Requests: 19 HTTP requests in this frame

Frame: https://fingerprints.bablosoft.com/setcookies
Frame ID: 4781D9E317810EE14223966F9A4F47E0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

2024-11-04 Untitled Document

Detected technologies

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Page Statistics

17
Requests

94 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

974 kB
Transfer

1745 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 01jbw9937936swt6kz7rfh6hp2
app.marmof.com/share/
128 KB
25 KB
Document
General
Full URL
https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
3346b50998e13a1ed6d626afcbe8c2572076c9a55fc2d8473034a5649d56e91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 08 Nov 2024 18:07:02 GMT
server
nginx
vary
Accept-Encoding X-Inertia
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2840:7000:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0562e5674602291ce06869880ed86b2b9d26ae26f17d25f9587c7ae26f62b6b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

vary
accept-encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"05550215707fb77f6d07bcc793526e28"
age
3274
via
1.1 e48704e6e4e9818f22c02e73e105de8e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Z1paSK09Sh9KNUuvZ7DejcCsFiRNgLv-UsZsg9vr93_OVMv4vdG5IA==
date
Fri, 08 Nov 2024 17:12:29 GMT
content-type
text/javascript
last-modified
Tue, 05 Nov 2024 07:12:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P7
x-amz-server-side-encryption
AES256
app-0b1f8530.css
app.marmof.com/build/assets/
322 KB
55 KB
Stylesheet
General
Full URL
https://app.marmof.com/build/assets/app-0b1f8530.css
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
5b2485166c0c43d755e789ccf478204753d2b98050b602c558fb24286d9f5b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-507b8"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Fri, 08 Nov 2024 18:07:02 GMT
content-type
text/css
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
app-49265ad1.js
app.marmof.com/build/assets/
356 KB
120 KB
Script
General
Full URL
https://app.marmof.com/build/assets/app-49265ad1.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
f14cd52ccc7f1df4dca05ab33ac62da2e60d26117944def08692b11d64102080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer
https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-590b8"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Fri, 08 Nov 2024 18:07:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
clientsafe.js
customfingerprints.bablosoft.com/
662 KB
663 KB
Script
General
Full URL
https://customfingerprints.bablosoft.com/clientsafe.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
93ef8c3872b0dd9e9b1f3fd9451821b4cd4fe5b0cc636573cdf05d112a032636
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=0
etag
W/"a5710-190e5f98f40"
accept-ranges
bytes
content-length
677648
date
Fri, 08 Nov 2024 18:07:02 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
last-modified
Wed, 24 Jul 2024 18:20:56 GMT
/
ui-avatars.com/api/
569 B
1 KB
Image
General
Full URL
https://ui-avatars.com/api/?name=A+M&color=ffffff&background=f34b1d
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95359b8e310eaed04924869c793682b9c5d6726b92da8c02a0a4a3bdb2fcca50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

access-control-max-age
31536000, 31536000
content-encoding
gzip
cf-cache-status
HIT
age
5710
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CIBXrFvGOI2libUIpKI7HbfsjMPxyVIosoo4KzYtsU659J%2Bu1eFVL9g9Xqp7uuMLlU6qa0tnepzcm4mjSA%2FjHHd26q6%2BJ72d738JFjINj6%2FjefnfgMyCSYsZOF%2F8W7G5bPxJgGLlz9dFVyR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
expires
Fri, 07 Nov 2025 21:10:26 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=17572&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2315&delivery_rate=231122&cwnd=239&unsent_bytes=0&cid=e49910b8bd48be44&ts=182&x=0"
date
Fri, 08 Nov 2024 18:07:02 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Thu, 07 Nov 2024 21:10:26 GMT
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
access-control-allow-credentials
true, true
cf-ray
8df780195bf1c409-EWR
access-control-allow-origin
*, *
server
cloudflare
gtm.js
www.googletagmanager.com/
196 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MC7CMZBF
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22e863b6ff388e0384e5be360e09dfb4963c3e041f02c8c54ca1a8685f1df119
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 08 Nov 2024 18:07:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:07:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71952
x-xss-protection
0
server
Google Tag Manager
sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2
marmof.com/storage/fonts/b86251dcd5/
0
0

Document-d618b903.js
app.marmof.com/build/assets/
2 KB
1 KB
Script
General
Full URL
https://app.marmof.com/build/assets/Document-d618b903.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/build/assets/app-49265ad1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
cddabf6bfbc77aa5fb6fdf3abc55ba4bf187741727f354c176e8e0d77b3c51ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-86b"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Fri, 08 Nov 2024 18:07:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
logotype-original-6f3eac48.js
app.marmof.com/build/assets/
6 KB
3 KB
Script
General
Full URL
https://app.marmof.com/build/assets/logotype-original-6f3eac48.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/build/assets/app-49265ad1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
79a5f8cbec83725fd156f45c89b6a02f6e166b3874f29e97cb3c2b0284685646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-18bc"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Fri, 08 Nov 2024 18:07:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
Button-7c0475a9.js
app.marmof.com/build/assets/
3 KB
1 KB
Script
General
Full URL
https://app.marmof.com/build/assets/Button-7c0475a9.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/build/assets/app-49265ad1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
1780cd3c16090e58a07403afe55c8c972c295f27abb05c65b61b4ca88b7040cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-bca"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Fri, 08 Nov 2024 18:07:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
perfectcanvas
customfingerprints.bablosoft.com/
26 KB
3 KB
Fetch
General
Full URL
https://customfingerprints.bablosoft.com/perfectcanvas?publickey=9o4jz0fizt0fc61mm1dzpe7gb8lnzcwmb8x76tggdatd5ei6tekw7p9nv1q0zrzy
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
32ed9027379c541488ce8f2005168ae50fe15bbbc356a271d2f94b6a726cc0cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
date
Fri, 08 Nov 2024 18:07:03 GMT
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
script.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/script.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC7CMZBF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

cdn-status
200
content-encoding
br
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 18:07:03 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cachedat
11/08/2024 08:15:14
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, must-revalidate, max-age=86400
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
9100ae7e90dc156fcdc0d83bc28b064c
cross-origin-resource-policy
cross-origin
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
cdn-edgestorageid
885
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
/
ui-avatars.com/api/
569 B
0
Image
General
Full URL
https://ui-avatars.com/api/?name=A+M&color=ffffff&background=f34b1d
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95359b8e310eaed04924869c793682b9c5d6726b92da8c02a0a4a3bdb2fcca50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

access-control-max-age
31536000, 31536000
content-encoding
gzip
cf-cache-status
HIT
age
5710
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CIBXrFvGOI2libUIpKI7HbfsjMPxyVIosoo4KzYtsU659J%2Bu1eFVL9g9Xqp7uuMLlU6qa0tnepzcm4mjSA%2FjHHd26q6%2BJ72d738JFjINj6%2FjefnfgMyCSYsZOF%2F8W7G5bPxJgGLlz9dFVyR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
expires
Fri, 07 Nov 2025 21:10:26 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=17572&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2315&delivery_rate=231122&cwnd=239&unsent_bytes=0&cid=e49910b8bd48be44&ts=182&x=0"
date
Fri, 08 Nov 2024 18:07:02 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Thu, 07 Nov 2024 21:10:26 GMT
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
access-control-allow-credentials
true, true
cf-ray
8df780195bf1c409-EWR
access-control-allow-origin
*, *
server
cloudflare
event
plausible.io/api/
2 B
509 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://app.marmof.com/

Response headers

x-request-id
GAYQekYpZ621cyII3Tgq
date
Fri, 08 Nov 2024 18:07:04 GMT
content-type
text/plain; charset=utf-8
cdn-cachedat
11/08/2024 18:07:04
cdn-requestpullcode
202
cache-control
must-revalidate, max-age=0, private
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
88a83535a251e92f46bd7ed5c646e39d
access-control-allow-credentials
true
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
x-plausible-dropped
1
access-control-allow-origin
*
content-length
2
cdn-edgestorageid
885
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
setcookies
fingerprints.bablosoft.com/ Frame 4781
0
0
Document
General
Full URL
https://fingerprints.bablosoft.com/setcookies
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.19.169.11 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3222241.ip-162-19-169.eu
Software
/ Express
Resource Hash

Request headers

Referer
https://app.marmof.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
60
Date
Fri, 08 Nov 2024 18:07:04 GMT
Keep-Alive
timeout=5
X-Powered-By
Express
favicon-32x32.png
app.marmof.com/
1 KB
2 KB
Other
General
Full URL
https://app.marmof.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
227eeb5ef49e062025133c4e2cc8c42d7ea76b0c869e467bb92638cdf1acc942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2

Response headers

etag
"672be6df-5af"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1455
x-xss-protection
1; mode=block
date
Fri, 08 Nov 2024 18:07:05 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 21:59:59 GMT
server
nginx
x-frame-options
SAMEORIGIN
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

Content-Type
application/x-font-opentype
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

Content-Type
application/x-font-opentype
truncated
/
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

Content-Type
application/x-font-opentype

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
marmof.com
URL
https://marmof.com/storage/fonts/b86251dcd5/sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer string| _rwq function| rewardful function| route boolean| _rewardful_loaded function| Rewardful object| google_tag_manager object| google_tag_data function| FontManagerData function| FontManagerGlyphs function| FontManagerHashGenerator function| FontManager function| GetSystemFontData function| GetWebGPUData function| getInstalledExtensions function| PerfectCanvasPrecomputed function| PerfectCanvas function| ProcessFingerprint function| ProcessFingerprintNoCache function| ProcessFingerprintInternal function| _ function| axios object| __VUE_INSTANCE_SETTERS__ object| __vueuse_ssr_handlers__ boolean| __VUE__ function| plausible

2 Cookies

Domain/Path Name / Value
app.marmof.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImY3OTREM29UaHRXSWRQbUk1VGRrOEE9PSIsInZhbHVlIjoiWUNDcUZzZ3kxWjJTNlhyMUtNUjU3NDk0OGE2ZWtobE9JTldLcXV0ZFZsdE11b0Y1QVpBZlpQb1drVnBKWGdOK2VZand3QXNOa21ZMksrMzVkWG5JYnRKVkpOYXEyWXhZc1ViNGRld0xuZDM1UmxpTEM0WFZMYmlheDhxM2dyYTIiLCJtYWMiOiJhOGZiMzg5NzE0MmE1ZTMxMTE5ZmUxYjgzZDRiODIyMDZmMGQxM2VkYTI5YThmYjZiZjA1MGIxZDMwOTJhZjI2IiwidGFnIjoiIn0%3D
app.marmof.com/ Name: marmof_session
Value: eyJpdiI6IlI2emt0aWRPellFMXF6ZE02czZlbVE9PSIsInZhbHVlIjoibFo3MVFtQzR3UHViOVZLMnhRZ0JsS29ZNVJuYWtzVDVRZlU1K3VuZzdpUmticWRoSVVLditxNzZ1RmxneTNNV1VKR0JlVnVJTU1WTkRIZmlmeEUxTC9kbi9STEl5alQ3WkdrWFRVNFppRmxBdTFNb3FoSTJaOUk5aTNuQ3k3K2wiLCJtYWMiOiJiZGE5ZjM5MTIwYzgzYmJmNmQyZmY2NTkzN2Q5OThhN2IwMmQ2YmE3NjI5M2JkN2JjMGM1NzNjOTY1ODRiNWY0IiwidGFnIjoiIn0%3D

9 Console Messages

Source Level URL
Text
javascript error URL: https://app.marmof.com/share/01jbw9937936swt6kz7rfh6hp2
Message:
Access to font at 'https://marmof.com/storage/fonts/b86251dcd5/sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2' from origin 'https://app.marmof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://marmof.com/storage/fonts/b86251dcd5/sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to parse video contentType: video/ogg; codecs=theora
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.marmof.com
customfingerprints.bablosoft.com
fingerprints.bablosoft.com
marmof.com
plausible.io
r.wdfl.co
ui-avatars.com
www.googletagmanager.com
marmof.com
143.198.242.75
159.69.48.31
162.19.169.11
2600:9000:2840:7000:1b:348c:b140:93a1
2606:4700:20::ac43:4b78
2607:f8b0:4006:821::2008
2a02:6ea0:c454::1
0562e5674602291ce06869880ed86b2b9d26ae26f17d25f9587c7ae26f62b6b2
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0
1780cd3c16090e58a07403afe55c8c972c295f27abb05c65b61b4ca88b7040cf
227eeb5ef49e062025133c4e2cc8c42d7ea76b0c869e467bb92638cdf1acc942
22e863b6ff388e0384e5be360e09dfb4963c3e041f02c8c54ca1a8685f1df119
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158
32ed9027379c541488ce8f2005168ae50fe15bbbc356a271d2f94b6a726cc0cb
3346b50998e13a1ed6d626afcbe8c2572076c9a55fc2d8473034a5649d56e91c
5b2485166c0c43d755e789ccf478204753d2b98050b602c558fb24286d9f5b66
79a5f8cbec83725fd156f45c89b6a02f6e166b3874f29e97cb3c2b0284685646
93ef8c3872b0dd9e9b1f3fd9451821b4cd4fe5b0cc636573cdf05d112a032636
95359b8e310eaed04924869c793682b9c5d6726b92da8c02a0a4a3bdb2fcca50
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e
cddabf6bfbc77aa5fb6fdf3abc55ba4bf187741727f354c176e8e0d77b3c51ef
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
f14cd52ccc7f1df4dca05ab33ac62da2e60d26117944def08692b11d64102080