urlscan.io logo urlscan.io
SecurityTrails logo

marvelapp.com Open in urlscan Pro
2a04:4e42:1b::729  Public Scan

Go To Rescan Add Verdict Report
URL: https://marvelapp.com/6817ded
Submission: On September 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 9 domains to perform 17 HTTP transactions. The main IP is 2a04:4e42:1b::729, located in Ascension Island and belongs to FASTLY - Fastly, US. The main domain is marvelapp.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on September 12th 2019. Valid for: 5 months.
This is the only time marvelapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2a04:4e42:1b:... 54113 (FASTLY)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 143.204.214.4 16509 (AMAZON-02)
3 13.32.218.32 16509 (AMAZON-02)
1 54.208.212.108 14618 (AMAZON-AES)
17 6
10    2a04:4e42:1b::729 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
marvelapp.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.polyfill.io
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    143.204.214.4 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-4.fra53.r.cloudfront.net
widget.intercom.io
3    13.32.218.32 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-218-32.fra56.r.cloudfront.net
js.intercomcdn.com
1    54.208.212.108 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-208-212-108.compute-1.amazonaws.com
stats.pusher.com
Domain Requested by
10 marvelapp.com marvelapp.com
3 js.intercomcdn.com js.intercomcdn.com
2 www.google-analytics.com 1 redirects marvelapp.com
1 stats.pusher.com marvelapp.com
1 widget.intercom.io 1 redirects
1 www.google.de marvelapp.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 cdn.polyfill.io marvelapp.com
17 9

This site contains no links.

Subject Issuer Validity Valid
s2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-09-12 -
2020-02-16		 5 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.intercomcdn.com
Amazon		 2019-04-27 -
2020-05-27		 a year crt.sh
*.pusher.com
Gandi Standard SSL CA 2		 2019-01-02 -
2020-02-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://marvelapp.com/6817ded
Frame ID: 0A0B445E7CF8FEC290FD2647E02BF957
Requests: 15 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame.784ce67c.js
Frame ID: FD8686B0DB8B66CF989B2AAF121CCC46
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

6
IPs

4
Countries

8825 kB
Transfer

11378 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=79176645&t=pageview&_s=1&dl=https%3A%2F%2Fmarvelapp.com%2F6817ded&dp=prototype-view&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1380947834&gjid=494539927&cid=92458090.1569240725&tid=UA-38711157-1&_gid=1671079280.1569240725&_r=1&z=299227193 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_gid=1671079280.1569240725&gjid=494539927&_v=j79&z=299227193 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_v=j79&z=299227193 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_v=j79&z=299227193&slf_rd=1&random=3322715652
Request Chain 12
  • https://widget.intercom.io/widget/%7Bapp_id%7D HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6817ded
marvelapp.com/ 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
66dea46b5801126c147df715bf811f2fd55a649894cf684bd1d1b65aeabb635d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
marvelapp.com
:scheme
https
:path
/6817ded
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
server
nginx/1.12.2
content-type
text/html; charset=utf-8
x-marvel
marvel
access-control-allow-headers
Content-Type, Accept, X-Requested-With, X-CSRFToken, location
access-control-expose-headers
Content-Type, Accept, X-Requested-With, X-CSRFToken, location
x-request-uuid
f0ef7238-d432-42b4-b165-e2d5c7b10d8c
access-control-allow-origin
https://marvelapp.com
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
set-cookie
csrftoken=fAafsxpu2Kv362VRaTz72jbVfpqmWKoy; expires=Mon, 21-Sep-2020 12:12:04 GMT; Max-Age=31449600; Path=/ test_group_number=26; Path=/
x-backend
prd-eu-app05
content-encoding
gzip
accept-ranges
bytes bytes
age
0 0
date
Mon, 23 Sep 2019 12:12:04 GMT
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
vary
Cookie, Authorization
fastly-version
484
strict-transport-security
max-age=2592000
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Object.assign,Map,Set,requestAnimationFrame
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1206652
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
HHN
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
etag
W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
referrer-policy
origin-when-cross-origin
date
Mon, 23 Sep 2019 12:12:04 GMT
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/74.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
prototype.0e3d73cb226f144e3503.css
marvelapp.com/static/css/ 		303 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/static/css/prototype.0e3d73cb226f144e3503.css
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8b9148c51c7c8f882a432cc3a8e9da09e55bc6a0acd5109546b38b7da68e2f72
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:04 GMT
content-encoding
gzip
vary
Accept-Encoding
x-backend
prd-eu-app06
age
250722
x-cache
HIT
status
200
content-length
61769
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 14:54:59 GMT
server
nginx/1.12.2
etag
W/"5d8396c3-4ba4f"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 varnish
expires
Fri, 27 Sep 2019 14:33:23 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
2
common-bundle.98583e6fde795dab077c.js
marvelapp.com/static/ 		1 MB
506 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/static/common-bundle.98583e6fde795dab077c.js
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
d6e97d081f5efef478f1a0259fbb472d2f67c9b41b2b51b5a432bd9692f697be
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:04 GMT
content-encoding
gzip
vary
Accept-Encoding
x-backend
prd-eu-app03
age
7879
x-cache
HIT
status
200
content-length
517010
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Mon, 23 Sep 2019 09:59:21 GMT
server
nginx/1.12.2
etag
W/"5d889779-1610fb"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 varnish
expires
Mon, 30 Sep 2019 10:00:45 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
3
prototype-bundle.b61943c26a7d25c291b2.js
marvelapp.com/static/ 		1 MB
346 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/static/prototype-bundle.b61943c26a7d25c291b2.js
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0f864f23c9cb5c32ee1a55e24754d1ac30cc0971c5467c65ccffae8c23c3f9d1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:04 GMT
content-encoding
gzip
vary
Accept-Encoding
x-backend
prd-eu-app03
age
7877
x-cache
HIT
status
200
content-length
353713
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Mon, 23 Sep 2019 09:59:21 GMT
server
nginx/1.12.2
etag
W/"5d889779-1177c6"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 varnish
expires
Mon, 30 Sep 2019 10:00:47 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5311
date
Mon, 23 Sep 2019 10:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Mon, 23 Sep 2019 12:43:33 GMT
/
marvelapp.com/api/v1/integration/snippet/ 		15 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/api/v1/integration/snippet/?project_id=4367516
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
fca491ce8afb2434b2e7eb613bd48a57b855aa798ec4d60d6fc0f7996d66320d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:04 GMT
content-encoding
gzip
x-backend
prd-eu-app05
age
0, 0
x-cache
MISS
status
200
strict-transport-security
max-age=2592000
access-control-allow-origin
https://marvelapp.com
allow
GET, POST, PUT, DELETE, HEAD, OPTIONS
x-marvel
marvel
server
nginx/1.12.2
x-frame-options
SAMEORIGIN
vary
Accept, Authorization, Cookie
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
application/json
via
1.1 varnish
access-control-expose-headers
Content-Type, Accept, X-Requested-With, X-CSRFToken, location
cache-control
private, no-cache
x-request-uuid
27be3ee7-ad70-4cd6-a124-d81c99e735bd
fastly-version
484
accept-ranges
bytes, bytes
access-control-allow-headers
Content-Type, Accept, X-Requested-With, X-CSRFToken, location
x-cache-hits
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=79176645&t=pageview&_s=1&dl=https%3A%2F%2Fmarvelapp.com%2F6817ded&dp=prototype-view&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_gid=1671079280.1569240725&gjid=494539927&_v=j79&z=299227193
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_v=j79&z=299227193
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_v=j79&z=299227193&slf_rd=1&random=3322715652
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_v=j79&z=299227193&slf_rd=1&random=3322715652
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Sep 2019 12:12:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Sep 2019 12:12:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38711157-1&cid=92458090.1569240725&jid=1380947834&_v=j79&z=299227193&slf_rd=1&random=3322715652
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FaktSoftPro-Normal.woff
marvelapp.com/static/assets/webfonts/fakt-soft/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/static/assets/webfonts/fakt-soft/FaktSoftPro-Normal.woff
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/static/common-bundle.98583e6fde795dab077c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
32b732d722b50475fe91bb9fb03712861d54d390d71499099a59acbd4e47eeab
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
cors
Referer
https://marvelapp.com/static/css/prototype.0e3d73cb226f144e3503.css
Origin
https://marvelapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:05 GMT
via
1.1 varnish
x-backend
prd-eu-app05
age
460531
x-cache
HIT
status
200
content-length
89924
referrer-policy
same-origin
last-modified
Mon, 27 Feb 2017 12:03:40 GMT
server
nginx/1.12.2
etag
"58b4159c-15f44"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
expires
Wed, 24 Jul 2019 03:38:41 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
4
select-property.b3f39f6dd76ceacc66bb3ac6f05879da.svg
marvelapp.com/static/ 		267 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marvelapp.com/static/select-property.b3f39f6dd76ceacc66bb3ac6f05879da.svg
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9268b945c44acc23cc3b35a76dee63cda2dd7b2f62225fa73a153abc836b6652
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/static/css/prototype.0e3d73cb226f144e3503.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:05 GMT
content-encoding
gzip
vary
Accept-Encoding
x-backend
prd-eu-app06
age
459206
x-cache
HIT
status
200
content-length
194
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Fri, 13 Sep 2019 14:31:49 GMT
server
nginx/1.12.2
etag
"5d7ba855-10b"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
via
1.1 varnish
expires
Wed, 25 Sep 2019 04:38:39 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
2
FaktSoftPro-Medium.woff
marvelapp.com/static/assets/webfonts/fakt-soft/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/static/assets/webfonts/fakt-soft/FaktSoftPro-Medium.woff
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
58e04471e4bb5b6e831b9f5eb99b7f8423373e1bac928e820f96e6903f0a2ceb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
cors
Referer
https://marvelapp.com/static/css/prototype.0e3d73cb226f144e3503.css
Origin
https://marvelapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:05 GMT
via
1.1 varnish
x-backend
prd-eu-app03
age
201348
x-cache
HIT
status
200
content-length
95577
referrer-policy
same-origin
last-modified
Mon, 27 Feb 2017 12:03:40 GMT
server
nginx/1.12.2
etag
"58b4159c-17559"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
expires
Sat, 14 Sep 2019 04:10:35 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
4
FaktSoftPro-Blond.woff
marvelapp.com/static/assets/webfonts/fakt-soft/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://marvelapp.com/static/assets/webfonts/fakt-soft/FaktSoftPro-Blond.woff
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/static/prototype-bundle.b61943c26a7d25c291b2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
23748e71d148fd22e18c963bd4b3600b53d61f768cc44767fc8807ebc58728d9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
cors
Referer
https://marvelapp.com/static/css/prototype.0e3d73cb226f144e3503.css
Origin
https://marvelapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:05 GMT
via
1.1 varnish
x-backend
prd-eu-app02
age
554012
x-cache
HIT
status
200
content-length
94948
referrer-policy
same-origin
last-modified
Mon, 27 Feb 2017 12:03:40 GMT
server
nginx/1.12.2
etag
"58b4159c-172e4"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
expires
Tue, 17 Sep 2019 01:15:01 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
4
sheet_apple_64.png
marvelapp.com/static/assets/images/ 		7 MB
7 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marvelapp.com/static/assets/images/sheet_apple_64.png
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/6817ded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
d023dfed3b33c64b5168288afd900b1919547201cc8f23fa2d100145a8d4d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:12:05 GMT
via
1.1 varnish
x-backend
prd-eu-app02
age
112455
x-cache
HIT
status
200
content-length
7527495
referrer-policy
same-origin
last-modified
Mon, 27 Feb 2017 12:03:39 GMT
server
nginx/1.12.2
etag
"58b4159b-72dc47"
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
expires
Sun, 15 Sep 2019 04:26:24 GMT
cache-control
max-age=604800, public, max-age=604800, must-revalidate
access-control-allow-credentials
true
fastly-version
484
accept-ranges
bytes, bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits
0
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/%7Bapp_id%7D
  • https://js.intercomcdn.com/shim.latest.js
11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6c48bf38a7d91c678f238950f98224788dcbc5ada8b933da45b8aaa542a3410

Request headers

Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 12:07:59 GMT
content-encoding
gzip
age
247
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
4047
last-modified
Fri, 20 Sep 2019 18:57:51 GMT
server
AmazonS3
etag
"36a7d021c1b93377e8ee5b2bfc068ee5"
content-type
application/javascript; charset=UTF-8
via
1.1 ad93a72606d0015c6aa5ceae5dc8a8d5.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
DZTVi3WB3X0k-bUjUgJsBA397tSzfGI6FXr8CgMyu6sgeJ4IvkuM6w==

Redirect headers

date
Sun, 22 Sep 2019 16:54:44 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server
AmazonS3
age
69442
status
302
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
DU758ek8SOKCCKrAvAGRT2SxpZD5cxGsHFgy3NkKeCwI867kQLDxng==
frame.784ce67c.js
js.intercomcdn.com/ Frame FD86 		282 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame.784ce67c.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6807bd244e88723ee60426c1a713a928ccb2d87de1d5de714af438eeb78f710

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 10:58:10 GMT
content-encoding
gzip
age
4446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
79239
last-modified
Fri, 20 Sep 2019 18:52:40 GMT
server
AmazonS3
etag
"42e75b6a0ebe6f8ead139e499c448dc5"
content-type
application/javascript; charset=UTF-8
via
1.1 ad93a72606d0015c6aa5ceae5dc8a8d5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
u-3Ax-Uf8hlZe15y-K_nflmVMb-dTF8ibUcjzD7dQDJxPRDe0AdP1g==
vendor.7bb778ba.js
js.intercomcdn.com/ Frame FD86 		569 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor.7bb778ba.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
448b5436fb4b698d5ee9299bc9b5d1762a71327488bf89aaa54cebc2d42f16b7

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 10:58:10 GMT
content-encoding
gzip
age
4446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
177655
last-modified
Fri, 20 Sep 2019 18:52:41 GMT
server
AmazonS3
etag
"005b7f641a2455532155f67cf997a9dc"
content-type
application/javascript; charset=UTF-8
via
1.1 ad93a72606d0015c6aa5ceae5dc8a8d5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
-hvwLnjH9blEynZo2bt4TVj2AmE-sn1lY1iVwXChl5tHRIPoFLNqCg==
1
stats.pusher.com/timeline/v2/jsonp/ 		80 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=OTE3ODg4MTM0&bundle=MQ%3D%3D&key=NzA3NDRkMzc5Zjg3YTM3ZGY2OGE%3D&lib=anM%3D&version=My4yLjQ%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE1NjkyNDA3MjUwODF9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNTY5MjQwNzI1MDgyfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNTY5MjQwNzI1MDgyfSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTU2OTI0MDcyNTA4Mn0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTU2OTI0MDcyNTA4M30seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTU2OTI0MDcyNTQ3OH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIyNjcwNTIuMjM1NTAyMTMifSwidGltZXN0YW1wIjoxNTY5MjQwNzI1NDc5fV0%3D
Requested by
Host: marvelapp.com
URL: https://marvelapp.com/static/common-bundle.98583e6fde795dab077c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.212.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-208-212-108.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6bbb477a00e07b07d35c258f8cbcd5b90bbdf329cf7e408d18a75b7bba8fdb42

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://marvelapp.com/6817ded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Sep 2019 12:12:05 GMT
Server
nginx
Connection
close
Content-Length
80
Content-Type
application/javascript

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga function| Intercom object| MARVELAPP object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp object| SENTRY_RELEASE function| $ function| jQuery object| jQuery112404704215405631882 function| noty function| setImmediate function| clearImmediate object| Backbone function| Mousetrap function| Pusher object| babelHelpers object| regeneratorRuntime object| __core-js_shared__ function| addResizeListener function| removeResizeListener function| Hammer function| P object| enhancedHistory undefined| __INTERCOM_BUNDLE_LOAD_TIME__

5 Cookies

Domain/Path Name / Value
.marvelapp.com/ Name: _gat
Value: 1
marvelapp.com/ Name: test_group_number
Value: 26
.marvelapp.com/ Name: _gid
Value: GA1.2.1671079280.1569240725
.marvelapp.com/ Name: _ga
Value: GA1.2.92458090.1569240725
marvelapp.com/ Name: csrftoken
Value: fAafsxpu2Kv362VRaTz72jbVfpqmWKoy

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.polyfill.io
js.intercomcdn.com
marvelapp.com
stats.g.doubleclick.net
stats.pusher.com
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
13.32.218.32
143.204.214.4
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c09::9c
2a04:4e42:1b::621
2a04:4e42:1b::729
54.208.212.108
0f864f23c9cb5c32ee1a55e24754d1ac30cc0971c5467c65ccffae8c23c3f9d1
23748e71d148fd22e18c963bd4b3600b53d61f768cc44767fc8807ebc58728d9
32b732d722b50475fe91bb9fb03712861d54d390d71499099a59acbd4e47eeab
448b5436fb4b698d5ee9299bc9b5d1762a71327488bf89aaa54cebc2d42f16b7
58e04471e4bb5b6e831b9f5eb99b7f8423373e1bac928e820f96e6903f0a2ceb
66dea46b5801126c147df715bf811f2fd55a649894cf684bd1d1b65aeabb635d
6bbb477a00e07b07d35c258f8cbcd5b90bbdf329cf7e408d18a75b7bba8fdb42
8b9148c51c7c8f882a432cc3a8e9da09e55bc6a0acd5109546b38b7da68e2f72
9268b945c44acc23cc3b35a76dee63cda2dd7b2f62225fa73a153abc836b6652
c6c48bf38a7d91c678f238950f98224788dcbc5ada8b933da45b8aaa542a3410
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d023dfed3b33c64b5168288afd900b1919547201cc8f23fa2d100145a8d4d8a7
d6e97d081f5efef478f1a0259fbb472d2f67c9b41b2b51b5a432bd9692f697be
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e6807bd244e88723ee60426c1a713a928ccb2d87de1d5de714af438eeb78f710
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fca491ce8afb2434b2e7eb613bd48a57b855aa798ec4d60d6fc0f7996d66320d