URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Submission: On November 13 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 159.69.48.31, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is app.marmof.com.
TLS certificate: Issued by E6 on September 10th 2024. Valid for: 3 months.
This is the only time app.marmof.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 159.69.48.31 24940 (HETZNER-AS)
1 2600:9000:225... 16509 (AMAZON-02)
2 143.198.242.75 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 60068 (CDN77 _)
1 162.19.169.11 16276 (OVH)
17 8
Apex Domain
Subdomains
Transfer
7 marmof.com
app.marmof.com
marmof.com Failed
207 KB
3 bablosoft.com
customfingerprints.bablosoft.com — Cisco Umbrella Rank: 121909
fingerprints.bablosoft.com — Cisco Umbrella Rank: 304062
667 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 9910
2 KB
2 ui-avatars.com
ui-avatars.com — Cisco Umbrella Rank: 50148
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
71 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 25169
5 KB
17 6
Domain Requested by
7 app.marmof.com app.marmof.com
2 plausible.io www.googletagmanager.com
plausible.io
2 ui-avatars.com app.marmof.com
2 customfingerprints.bablosoft.com app.marmof.com
customfingerprints.bablosoft.com
1 fingerprints.bablosoft.com customfingerprints.bablosoft.com
1 www.googletagmanager.com app.marmof.com
1 r.wdfl.co app.marmof.com
0 marmof.com Failed app.marmof.com
17 8

This site contains links to these domains. Also see Links.

Domain
ns.califragilist.com
Subject Issuer Validity Valid
marmof.com
E6
2024-09-10 -
2024-12-09
3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M02
2024-08-02 -
2025-08-30
a year crt.sh
customfingerprints.bablosoft.com
R10
2024-10-10 -
2025-01-08
3 months crt.sh
ui-avatars.com
WE1
2024-11-02 -
2025-01-31
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
plausible.io
R11
2024-10-16 -
2025-01-14
3 months crt.sh
fingerprints.bablosoft.com
R10
2024-10-10 -
2025-01-08
3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Frame ID: 894A62E911BA91D421ADAC9BB341E2D4
Requests: 19 HTTP requests in this frame

Frame: https://fingerprints.bablosoft.com/setcookies
Frame ID: ADC8C43C0CE3C32A57EB2362E9E2A71D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

2024-11-06 Untitled Document

Detected technologies

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Page Statistics

17
Requests

94 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

975 kB
Transfer

1745 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 01jc0wzptpy7bepvzk4ner7dc5
app.marmof.com/share/
128 KB
25 KB
Document
General
Full URL
https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
a8dfee25293a6c8a1f9ee762e632160d6cb6e53d7794fea07a059a915017de7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Nov 2024 17:53:27 GMT
server
nginx
vary
Accept-Encoding X-Inertia
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:400:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6fc94615dfb1bea7d5d2c0eb3b473773613b14b116c460fa455646246731881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

vary
accept-encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"df39bbdbfd997e8f4fa2cf75a3f47823"
age
662
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
GvdFX6IXxz0RZ-Nr3iDAV1IxIaCa3WF_tjjgYfkXY3G9QaLXZDyeQA==
date
Wed, 13 Nov 2024 17:42:26 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 14:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
app-0b1f8530.css
app.marmof.com/build/assets/
322 KB
55 KB
Stylesheet
General
Full URL
https://app.marmof.com/build/assets/app-0b1f8530.css
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
5b2485166c0c43d755e789ccf478204753d2b98050b602c558fb24286d9f5b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-507b8"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Wed, 13 Nov 2024 17:53:27 GMT
content-type
text/css
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
app-49265ad1.js
app.marmof.com/build/assets/
356 KB
120 KB
Script
General
Full URL
https://app.marmof.com/build/assets/app-49265ad1.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
f14cd52ccc7f1df4dca05ab33ac62da2e60d26117944def08692b11d64102080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer
https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-590b8"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Wed, 13 Nov 2024 17:53:27 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
clientsafe.js
customfingerprints.bablosoft.com/
662 KB
663 KB
Script
General
Full URL
https://customfingerprints.bablosoft.com/clientsafe.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
93ef8c3872b0dd9e9b1f3fd9451821b4cd4fe5b0cc636573cdf05d112a032636
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
public, max-age=0
etag
W/"a5710-190e5f98f40"
accept-ranges
bytes
content-length
677648
date
Wed, 13 Nov 2024 17:53:27 GMT
content-type
application/javascript; charset=UTF-8
x-powered-by
Express
last-modified
Wed, 24 Jul 2024 18:20:56 GMT
/
ui-avatars.com/api/
569 B
1 KB
Image
General
Full URL
https://ui-avatars.com/api/?name=A+J&color=ffffff&background=f34b1d
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0f06d240ce5ed4440a756e020c0e191e8346de7a76781e545c091fc5b874c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

access-control-max-age
31536000, 31536000
content-encoding
gzip
cf-cache-status
HIT
age
15866
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yo8SVt3LuvgaQV2XNC3UmecVMh7Y2B1EmJmuZWSqfLoNeddhuimhSs%2BrCkFOgCfZ%2FBGl4V%2BWwdkxBMeJzHKugi936JcNluXMabQlvHtsS3IhJb6B4X1gAVyjwg5tql8NTSfh3fmi8DyICccp"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
expires
Thu, 13 Nov 2025 13:15:38 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=39843&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2282&delivery_rate=98718&cwnd=254&unsent_bytes=0&cid=2678ebf1ac97365a&ts=280&x=0"
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:15:38 GMT
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
access-control-allow-credentials
true, true
cf-ray
8e209f15ac2d3a9e-FRA
access-control-allow-origin
*, *
server
cloudflare
gtm.js
www.googletagmanager.com/
196 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MC7CMZBF
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c091d913c6200e6ce7f21020f1ec6a94cb80cec1aa24a348cd00953949378fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 13 Nov 2024 17:53:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 17:13:25 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71980
x-xss-protection
0
server
Google Tag Manager
Document-d618b903.js
app.marmof.com/build/assets/
2 KB
1 KB
Script
General
Full URL
https://app.marmof.com/build/assets/Document-d618b903.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/build/assets/app-49265ad1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
cddabf6bfbc77aa5fb6fdf3abc55ba4bf187741727f354c176e8e0d77b3c51ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-86b"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
logotype-original-6f3eac48.js
app.marmof.com/build/assets/
6 KB
3 KB
Script
General
Full URL
https://app.marmof.com/build/assets/logotype-original-6f3eac48.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/build/assets/app-49265ad1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
79a5f8cbec83725fd156f45c89b6a02f6e166b3874f29e97cb3c2b0284685646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-18bc"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
Button-7c0475a9.js
app.marmof.com/build/assets/
3 KB
1 KB
Script
General
Full URL
https://app.marmof.com/build/assets/Button-7c0475a9.js
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/build/assets/app-49265ad1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
1780cd3c16090e58a07403afe55c8c972c295f27abb05c65b61b4ca88b7040cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"672be746-bca"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 22:01:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
perfectcanvas
customfingerprints.bablosoft.com/
26 KB
3 KB
Fetch
General
Full URL
https://customfingerprints.bablosoft.com/perfectcanvas?publickey=9o4jz0fizt0fc61mm1dzpe7gb8lnzcwmb8x76tggdatd5ei6tekw7p9nv1q0zrzy
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
32ed9027379c541488ce8f2005168ae50fe15bbbc356a271d2f94b6a726cc0cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
date
Wed, 13 Nov 2024 17:53:28 GMT
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2
marmof.com/storage/fonts/b86251dcd5/
0
0

script.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/script.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC7CMZBF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

cdn-status
200
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cachedat
11/13/2024 16:13:05
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, must-revalidate, max-age=86400
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
41a18fa03a7ad400898916798e3f5b90
cross-origin-resource-policy
cross-origin
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
/
ui-avatars.com/api/
569 B
0
Image
General
Full URL
https://ui-avatars.com/api/?name=A+J&color=ffffff&background=f34b1d
Requested by
Host: app.marmof.com
URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0f06d240ce5ed4440a756e020c0e191e8346de7a76781e545c091fc5b874c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/

Response headers

access-control-max-age
31536000, 31536000
content-encoding
gzip
cf-cache-status
HIT
age
15866
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yo8SVt3LuvgaQV2XNC3UmecVMh7Y2B1EmJmuZWSqfLoNeddhuimhSs%2BrCkFOgCfZ%2FBGl4V%2BWwdkxBMeJzHKugi936JcNluXMabQlvHtsS3IhJb6B4X1gAVyjwg5tql8NTSfh3fmi8DyICccp"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
expires
Thu, 13 Nov 2025 13:15:38 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=39843&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2282&delivery_rate=98718&cwnd=254&unsent_bytes=0&cid=2678ebf1ac97365a&ts=280&x=0"
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:15:38 GMT
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
access-control-allow-credentials
true, true
cf-ray
8e209f15ac2d3a9e-FRA
access-control-allow-origin
*, *
server
cloudflare
event
plausible.io/api/
2 B
510 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://app.marmof.com/

Response headers

x-request-id
GAeYo0QPr8hbTJsGnDij
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
text/plain; charset=utf-8
cdn-cachedat
11/13/2024 17:53:28
cdn-requestpullcode
202
cache-control
must-revalidate, max-age=0, private
cdn-requestpullsuccess
True
cdn-requesttime
2
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
57de1b65b335638114bbdab802770b77
access-control-allow-credentials
true
cdn-pullzone
682664
cdn-proxyver
1.06
application
127.0.0.1
permissions-policy
interest-cohort=()
x-plausible-dropped
1
access-control-allow-origin
*
content-length
2
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
favicon-32x32.png
app.marmof.com/
1 KB
2 KB
Other
General
Full URL
https://app.marmof.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.69.48.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.48.69.159.clients.your-server.de
Software
nginx /
Resource Hash
227eeb5ef49e062025133c4e2cc8c42d7ea76b0c869e467bb92638cdf1acc942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5

Response headers

etag
"672be6df-5af"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1455
x-xss-protection
1; mode=block
date
Wed, 13 Nov 2024 17:53:28 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 21:59:59 GMT
server
nginx
x-frame-options
SAMEORIGIN
setcookies
fingerprints.bablosoft.com/ Frame ADC8
0
0
Document
General
Full URL
https://fingerprints.bablosoft.com/setcookies
Requested by
Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.19.169.11 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3222241.ip-162-19-169.eu
Software
/ Express
Resource Hash

Request headers

Referer
https://app.marmof.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
60
Date
Wed, 13 Nov 2024 17:53:28 GMT
Keep-Alive
timeout=5
X-Powered-By
Express
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

Content-Type
application/x-font-opentype
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

Content-Type
application/x-font-opentype
truncated
/
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.marmof.com
Referer

Response headers

Content-Type
application/x-font-opentype

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
marmof.com
URL
https://marmof.com/storage/fonts/b86251dcd5/sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer string| _rwq function| rewardful function| route boolean| _rewardful_loaded function| Rewardful function| FontManagerData function| FontManagerGlyphs function| FontManagerHashGenerator function| FontManager function| GetSystemFontData function| GetWebGPUData function| getInstalledExtensions function| PerfectCanvasPrecomputed function| PerfectCanvas function| ProcessFingerprint function| ProcessFingerprintNoCache function| ProcessFingerprintInternal function| _ function| axios object| __VUE_INSTANCE_SETTERS__ object| __vueuse_ssr_handlers__ object| google_tag_manager object| google_tag_data boolean| __VUE__ function| plausible

2 Cookies

Domain/Path Name / Value
app.marmof.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImRPdmJjSkRtQkI1Q0owVlQ0SC9tcEE9PSIsInZhbHVlIjoiYWpDQlYxNFhtM0hWQXRNSUMvQkVncjU5ZEp5L21YdzI4M1JZellsaExBYkwwYWxPTDBYS0pIR1JvWExyNXpGcjZuYmRnMVhuNUJ5cW00NDRwb0Z4ekxwRmxTR2srV0tWS1R2OENLTW9EdEFIaFFKaXQvdFNDV3pvVTBFNU4xRWUiLCJtYWMiOiJlYjFmNTcyNWUwYTYyNDI4NWQwNWQxODU4Mzk4ZDlkOGNjZjcyYThlZTY1MjljZmYxN2UxM2Y2ZjBiMTcxM2FiIiwidGFnIjoiIn0%3D
app.marmof.com/ Name: marmof_session
Value: eyJpdiI6IkFHWnh1T09iZ3lUQ1IwM2lYbDZNaUE9PSIsInZhbHVlIjoiL1N6VTNhNnV5bnhwR0dZMTBpYUppVDFzcXkzTVgwaWxRM2VaNHFuZmNWNDhlb1hJbVovZjVRcVRjMm9tQmo5cEhlTW9BOWFrNmpDMEtLa2ZjbEk1clV4eWY0SDk5YzF0bzRXa0FTMUx0ZUFpa09hVzFzWUtMd3NsdW9QUFkrL04iLCJtYWMiOiI5M2NmZTVmNWE5YmMxY2U5ZjU0MTFiY2FiODNmNzliOWYzYjAyN2Y1ODEyNmY0ODNiNzE5YmZlYmRiMjFjNWE3IiwidGFnIjoiIn0%3D

15 Console Messages

Source Level URL
Text
javascript error URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
Access to font at 'https://marmof.com/storage/fonts/b86251dcd5/sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2' from origin 'https://app.marmof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://marmof.com/storage/fonts/b86251dcd5/sinterv12ucc73fwrk3iltehus-fvqtmwcp50knma1zl7w0q5nw.woff2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to parse video contentType: video/ogg; codecs=theora
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://customfingerprints.bablosoft.com/clientsafe.js
Message:
Failed to create WebGPU Context Provider
rendering warning URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A09B02142B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
[.WebGL-0x1c4057ac700]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels (this message will no longer repeat)
rendering warning URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0709B02142B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A010E600142B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A080E500142B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://app.marmof.com/share/01jc0wzptpy7bepvzk4ner7dc5
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0E500142B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.marmof.com
customfingerprints.bablosoft.com
fingerprints.bablosoft.com
marmof.com
plausible.io
r.wdfl.co
ui-avatars.com
www.googletagmanager.com
marmof.com
143.198.242.75
159.69.48.31
162.19.169.11
2400:52e0:1e00::1080:1
2600:9000:225e:400:1b:348c:b140:93a1
2606:4700:20::681a:9b9
2a00:1450:4001:830::2008
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0
1780cd3c16090e58a07403afe55c8c972c295f27abb05c65b61b4ca88b7040cf
227eeb5ef49e062025133c4e2cc8c42d7ea76b0c869e467bb92638cdf1acc942
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158
32ed9027379c541488ce8f2005168ae50fe15bbbc356a271d2f94b6a726cc0cb
5b2485166c0c43d755e789ccf478204753d2b98050b602c558fb24286d9f5b66
6c091d913c6200e6ce7f21020f1ec6a94cb80cec1aa24a348cd00953949378fe
79a5f8cbec83725fd156f45c89b6a02f6e166b3874f29e97cb3c2b0284685646
93ef8c3872b0dd9e9b1f3fd9451821b4cd4fe5b0cc636573cdf05d112a032636
a8dfee25293a6c8a1f9ee762e632160d6cb6e53d7794fea07a059a915017de7b
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e
cddabf6bfbc77aa5fb6fdf3abc55ba4bf187741727f354c176e8e0d77b3c51ef
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
e6fc94615dfb1bea7d5d2c0eb3b473773613b14b116c460fa455646246731881
ea0f06d240ce5ed4440a756e020c0e191e8346de7a76781e545c091fc5b874c0
f14cd52ccc7f1df4dca05ab33ac62da2e60d26117944def08692b11d64102080