urlscan.io logo urlscan.io
SecurityTrails logo

spezz.exchange Open in urlscan Pro
172.67.68.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://spezz.exchange/
Effective URL: https://spezz.exchange/
Submission: On June 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 172.67.68.104, located in United States and belongs to CLOUDFLARENET, US. The main domain is spezz.exchange.
TLS certificate: Issued by GTS CA 1P5 on May 13th 2024. Valid for: 3 months.
This is the only time spezz.exchange was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 172.67.68.104 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 104.18.30.234 13335 (CLOUDFLAR...)
29 3
Apex Domain
Subdomains		 Transfer
17 spezz.exchange
spezz.exchange
121 KB
12 termly.io
app.termly.io — Cisco Umbrella Rank: 16797
239 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009
7 KB
29 3
Domain Requested by
17 spezz.exchange 1 redirects spezz.exchange
static.cloudflareinsights.com
12 app.termly.io spezz.exchange
app.termly.io
1 static.cloudflareinsights.com spezz.exchange
29 3

This site contains no links.

Subject Issuer Validity Valid
spezz.exchange
GTS CA 1P5		 2024-05-13 -
2024-08-11		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
app.termly.io
Sectigo RSA Domain Validation Secure Server CA		 2024-05-28 -
2025-06-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://spezz.exchange/
Frame ID: E3051648419763F81392DAEAB29AC4A1
Requests: 24 HTTP requests in this frame

Frame: https://spezz.exchange/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Frame ID: 9B8A87289556AEC9F09598214D378DD5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Spezz Exchange - Enhance your gaming experience

Page URL History Show full URLs

  1. http://spezz.exchange/ HTTP 307
    https://spezz.exchange/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • app\.termly\.io/embed\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

366 kB
Transfer

1109 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://spezz.exchange/ HTTP 307
    https://spezz.exchange/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://spezz.exchange/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://spezz.exchange/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
spezz.exchange/
Redirect Chain
  • http://spezz.exchange/
  • https://spezz.exchange/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df53d2d65d37d52f4d7e6e4a8e4b3bf50bab99633e1370ead18ab97f4cbb36f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
88f0f4b3fdf265c2-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 14:47:05 GMT
last-modified
Wed, 01 Nov 2023 17:30:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2W58d%2BmDRBsV%2BYcy%2BUMKmkYubWuLGcxiS1i%2Fsm%2F8hEH1p3S4GTnv1DyytUyKlZEy1PGiFrKmlOIcADk8r%2B1GjN3BtGIU5uIT0Sl8omhvDkgr7tBORjC0AGSUqpX4oLE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://spezz.exchange/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
spezz.exchange/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/css/bootstrap.min.css?3795
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bf1ed945f788d355c903ef8d5b8b20aea2d81c40000f61931025b2735b0b560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 02 Feb 2021 13:01:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60194d34-2725a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBNFUvdcA0c9kXB7k9U7Z3ZWha4KkodcXTa4T099zbm4ijHTpIRjCyvxEOpOIQZSs%2FbXccaMaPEgIIvpk86tb8d1K0wL2bUudR5lHVAihzj%2Fi3dIElLL2smSvb5AGEBF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b50f8e65c2-FRA
alt-svc
h3=":443"; ma=86400
style.css
spezz.exchange/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/style.css?5002
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b877d80a7e91db6f1228ac2c0364c796e6fa05932e1cf81e43af9d688398e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2078
cf-polished
origSize=8863
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 02 Feb 2021 12:59:40 GMT
server
cloudflare
etag
W/"60194cbc-229f"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rms6LWrRhvkhjReGeU1zyXPf9SHa5RgiWl6x5sT4HyB6%2BleiEl5y5eJzEK61Y5R6gheSu1lA6atmFFuxeecwpKOrl3KLWCYIhaWvqaVPF3BBI0gH1Z0WRnJgjcyIRCbi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b50f9265c2-FRA
Colored.svg
spezz.exchange/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spezz.exchange/img/Colored.svg
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e251b06d052a37fb588fdcf1dea13daff6953c74e3c49ab899111988df7c6e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 02 Feb 2021 13:00:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60194cfc-6c1"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z63P5wtz0xCXivyy4134Ggji1xzF8tvkyLuSRLJDGPzEJCedXNsRMc9bOubMk%2FfDG0OiWQFJGFeDA3KZM8YF5FEkwRs9L4gD9bQbedug0FZ9NCU%2BkDaYweeoq6RtUljT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b50f9465c2-FRA
alt-svc
h3=":443"; ma=86400
rocket-loader.min.js
spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Jun 2024 14:52:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"665dd891-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdpNVjLZr%2Fiu2ikfOQsITbmLvJDTQlxtnGBM6LgMUCcdBQH8v0Gt6wllofCMF8w2Sm%2BRf8tzXkrt%2FiB5hQ0%2FXeLjsZFGjEti1G3GcCVpTParlfpb0nnsYbWIm9hIKkCS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
88f0f4b51fbb65c2-FRA
expires
Fri, 07 Jun 2024 14:47:05 GMT
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Origin
https://spezz.exchange
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:05 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2024 22:09:07 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88f0f4b5a83503b0-FRA
normal.woff2
spezz.exchange/cf-fonts/s/roboto/5.0.11/latin/400/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Origin
https://spezz.exchange
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOVezEA%2Fl76iubKbVIkZfQbT%2FG6DnZ0mgixFyNrNFFZPNdPvgK9%2BpU1U%2BnVTbBRSsThCcgfNQJ9JZ8khDfdKgeEjnG7PdZbQpqs0p0h4auzbu1qN6q8YHilTN%2FaHhkzo"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
88f0f4b6897765c2-FRA
alt-svc
h3=":443"; ma=86400
content-length
15744
sameheight_publish.js
spezz.exchange/js/ 		1 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/js/sameheight_publish.js?5937
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525370268e6ac15c04226c24f8cb1c331eb8ef2bbd22991eece38114af12d9fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1503
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 02 Feb 2021 13:00:22 GMT
server
cloudflare
etag
W/"60194ce6-5df"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2qmrxw6R%2B3oxOUSK1JCqyeLEXBVZIwuv0ljVjpaSM7dMoLCpEATOoqR9IvdTa0O89Fuwbvec6hk7tjKsG6KgLiIVl9qXO6t5VpG9zcHdvo%2FoiuNuZecLPFgI3yRo0hn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b6897d65c2-FRA
tilt.jquery.js
spezz.exchange/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/js/tilt.jquery.js?3526
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fd07a7f7b7a1d2e087bf8cef5cf57a3dbbcce98bb9de71741550317734f5a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=11790
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 02 Feb 2021 13:00:22 GMT
server
cloudflare
etag
W/"60194ce6-2e0e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKvAOOcOqPKcyOIgPgb%2FkRvE6LnxoH2H3zyqWamsQwiGxXhUq54CeZu0cDiiLJvJr%2BF%2FBmGo718WqRagijSS3U3bGAGS4ILCpfxw7RaoHPEhmCwg1x7FPVxTp3Rlyg1D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b6897f65c2-FRA
blocs.min.js
spezz.exchange/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/js/blocs.min.js?7165
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d406936ab00ca380cdadf101b72fafdf2fc2ebc192e7153113c941d055bec5d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 02 Feb 2021 13:00:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60194ce6-2faa"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM1i%2FINLHgIN7eqhik9LqmxFMYF9oFN3muUzJNy73lko7wjzh47NaFl7nTkq7u0Q%2FgsusUfaUixka46lqGu%2Ftys5a0UzfWm9uPyezzE%2FMeDaVhK7pgCzf6rzdyFiRCqs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b6898065c2-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.bundle.min.js
spezz.exchange/js/ 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/js/bootstrap.bundle.min.js?4431
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffca521cff7a92d1aa4896ecc658b9fd0b25d3ac003236071630421f41f27f5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 02 Feb 2021 13:00:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60194ce6-14887"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wI4r0ovt4l8LS%2Bw8Nbsy3qJglEIuceIAf1HD7lBbqASd3pXMfcGIRsWYBiRl0l4qgzprNjZhm24S6NlqSU6Yh8ppa7abc4bCyiBinQAyObmUe9i3HEq%2B6tQXn0d6XdYa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b6898465c2-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.5.1.min.js
spezz.exchange/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/js/jquery-3.5.1.min.js?1477
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 02 Feb 2021 13:00:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60194ce6-15d84"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0saRVKKEw0WzqqLf6cVV29I0MosqdhRGJYCVyunKGwB0cxtMMtG3UcKKsNUS10tgS8PGRgmMVkagtw4qwxN5edMFU2G7TnwdP5CrhRJoBIte2rwscUDOlDwznuTkUo2X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
88f0f4b6898565c2-FRA
alt-svc
h3=":443"; ma=86400
main.js
spezz.exchange/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/ Frame 9B8A
Redirect Chain
  • https://spezz.exchange/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://spezz.exchange/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f14e4d5024cb2c8d5287de52649d36e9ff92f423a713ba128f4cbf1050e2ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2Bm%2BahgIrMkA1OT0khxLExz5jOeHMOiOmBdQDW8RotIPmgPiIfOc4X5AIujGeKzfSC3ZKYSNRrsnOHM7NR0%2FcUVFef7JQOfAAkVAHOaXGBI8aNHVPry1Y%2BzSKxWGiacf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
88f0f4b6e9f165c2-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 05 Jun 2024 14:47:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAPfXng8JANmprEmA5hnQBxdrTCYFUPQlSkhKX7N%2FToNm9wnn%2Fli9Kyo8obO4L0BbyayyS%2Bnb5ZqRMmYd%2FZ7rG98QHMqn7e4ppypfQ%2FiR7aPeYMix6AMYkutyi4q%2Bkaw"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
88f0f4b6999265c2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
embed.min.js
app.termly.io/ 		614 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/embed.min.js
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14821e26f0b13c6f8b43ab5988f6a0f742447e3da85b7f836af2092871e503f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6679
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 04 Jun 2024 20:51:48 GMT
server
cloudflare
etag
W/"665f7e64-999af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88f0f4b7789335cc-WAW
expires
Wed, 05 Jun 2024 18:47:06 GMT
favicon.png
spezz.exchange/ 		982 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe847e861ec62ffc3cab3c5d313ddd88d96371a7933a18cb58de76420cb55875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=5968
content-disposition
inline; filename="favicon.webp"
alt-svc
h3=":443"; ma=86400
content-length
982
cf-bgj
imgq:100,h2pri
last-modified
Tue, 02 Feb 2021 12:59:40 GMT
server
cloudflare
etag
"60194cbc-1750"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGSLprx1oJqZjn2aO9VujzxnESldlRweQto6yG4Z1bVljxIyBCsbMpS1gK1TygQgE2DLOgy%2BqMBggA%2F02N0vx%2FoHbRems0s8LNwXS9%2BazsqDhD8Vf9ogwXq18WsvHza3"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88f0f4b70a1d65c2-FRA
88f0f4b3fdf265c2
spezz.exchange/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9B8A 		0
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/cdn-cgi/challenge-platform/h/b/jsd/r/88f0f4b3fdf265c2
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBYLATAMAhOElNtaqIvNjZgqwC36otVawOjRo37Kc90zcd47oRTlTF%2BIUWH5VOzEiRl4wDVZhOt4iT3PXCGhPXw8z2uPW8K4UZIcgMsNWPyypBfDhUKlAGsey7ikUV1w"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
88f0f4b7cb7965c2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
88f0f4b3fdf265c2
spezz.exchange/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9B8A 		0
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/cdn-cgi/challenge-platform/h/b/jsd/r/88f0f4b3fdf265c2
Requested by
Host: spezz.exchange
URL: https://spezz.exchange/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZDzSxfMMmgSD6tIpqTMpufkastjza%2BRK%2FEMVd7XYQ4IAOCTmMs4SOBzy9sArfWwW5Oi5eiWdE6wowIAU6Dhx4fthp0u79g4lw%2BEQ7HOrtfdDq3XJgOTogWfZIScD20i"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
88f0f4b99ed265c2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
rum
spezz.exchange/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spezz.exchange/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 Jun 2024 14:47:06 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://spezz.exchange
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88f0f4b9aee165c2-FRA
18f0e307-3e44-4810-ae7b-784b03aef0dc
app.termly.io/api/v1/snippets/websites/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0db278ae4c24401c399aed23c6359bab1c3ac3d12bfe750191f3a7e9d5a051
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rack-cors
hit
date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-encoding
gzip
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
acc82734-13ca-4b55-99bd-bd70a32e44ff
x-runtime
0.013727
server
cloudflare
etag
W/"5d0db278ae4c24401c399aed23c6359b"
access-control-max-age
600
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
vary
Origin, Accept-Encoding
cf-ray
88f0f4ba4f33bf67-WAW
expires
Wed, 05 Jun 2024 18:47:07 GMT
ip
app.termly.io/api/v1/ 		125 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/api/v1/ip
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38a8a5d44f3245c3350d3794fe026970f896b43196a1efdd3abb534acab3cb4b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rack-cors
hit
date
Wed, 05 Jun 2024 14:47:06 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1f552e55-a6cf-40ee-9e81-938f01cc4b82
x-runtime
0.007625
server
cloudflare
etag
W/"38a8a5d44f3245c3350d3794fe026970"
access-control-max-age
600
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=3600
vary
Origin
cf-ray
88f0f4ba4f35bf67-WAW
statistics
app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc/statistics
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://spezz.exchange
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f0f4bf0e1dbf67-WAW
content-security-policy
default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date
Wed, 05 Jun 2024 14:47:07 GMT
server
cloudflare
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
statistics
app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc/ 		3 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc/statistics
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://spezz.exchange/
sec-ch-ua-platform
"Win32"

Response headers

x-rack-cors
hit
date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
333df5c9-3722-42cc-ac01-27e475c6a450
x-runtime
0.027590
server
cloudflare
etag
W/"43974ed74066b207c30ffd0fed514676"
access-control-max-age
600
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin
cf-ray
88f0f4c0888ebf67-WAW
cookies
app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc/documents/8290a98d-7127-400d-bbc3-cc6663c9ee0a/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/api/v1/snippets/websites/18f0e307-3e44-4810-ae7b-784b03aef0dc/documents/8290a98d-7127-400d-bbc3-cc6663c9ee0a/cookies
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8377e8923970610ea176b997869263fdf1fa657233dbd18c44b53a9bf9f51af
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rack-cors
hit
date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-encoding
gzip
cf-cache-status
HIT
age
14591
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
4a71793c-16cc-4705-8ea6-ff1192853384
x-runtime
0.019018
server
cloudflare
etag
W/"a8377e8923970610ea176b997869263f"
access-control-max-age
600
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
vary
Origin, Accept-Encoding
cf-ray
88f0f4bf2e54bf67-WAW
expires
Wed, 05 Jun 2024 18:47:07 GMT
882.min.js
app.termly.io/resource-blocker/support/ 		481 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/support/882.min.js
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1038eb0edbc8f4bf09a148accf5a624183d014f33d9a0d1b6f3e0f60e60733d9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
6694
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 04 Jun 2024 20:51:48 GMT
server
cloudflare
etag
W/"665f7e64-1e1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88f0f4bf3c7135cc-WAW
expires
Wed, 05 Jun 2024 18:47:07 GMT
de.json
app.termly.io/resource-blocker/i18n/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/i18n/de.json
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a93cf0d8a8888e5cf2e0ec8cc6df9591e2a6e24fd4f16b195d9911b94595b78

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Csrf-Token
3ceb6d12-9881-430d-a8cb-b8f0281a001a
Referer
https://spezz.exchange/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2024 20:51:48 GMT
server
cloudflare
etag
W/"665f7e64-3495"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
88f0f4c098aebf67-WAW
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
expires
Wed, 05 Jun 2024 18:47:07 GMT
de.json
app.termly.io/resource-blocker/i18n/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/i18n/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
csrf-token
Access-Control-Request-Method
GET
Origin
https://spezz.exchange
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f0f4bf3e5fbf67-WAW
date
Wed, 05 Jun 2024 14:47:07 GMT
server
cloudflare
918.min.js
app.termly.io/resource-blocker/support/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/support/918.min.js
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a31d8f0418d67e3462ecbdac221eb1fbb8fcd98e7f27eec6dc1a13f56a7410
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6668
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 04 Jun 2024 20:51:48 GMT
server
cloudflare
etag
W/"665f7e64-3eea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88f0f4bfad6635cc-WAW
expires
Wed, 05 Jun 2024 18:47:07 GMT
701.min.js
app.termly.io/resource-blocker/support/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/support/701.min.js
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a158630c1b336c55304a4cc45771796f6ef1020a1b6aee357debcb44cdb5df4f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6545
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 04 Jun 2024 20:51:48 GMT
server
cloudflare
etag
W/"665f7e64-11fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88f0f4bfad6d35cc-WAW
expires
Wed, 05 Jun 2024 18:47:07 GMT
955.min.js
app.termly.io/resource-blocker/support/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/support/955.min.js
Requested by
Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099338ecde8e82308c451deb4f94e4ed6770665a977edf1ba508007013e6551c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://spezz.exchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:47:07 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
6670
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 04 Jun 2024 20:51:48 GMT
server
cloudflare
etag
W/"665f7e64-1ad7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88f0f4c05e9b35cc-WAW
expires
Wed, 05 Jun 2024 18:47:07 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR object| __cfBeacon function| $ function| jQuery object| bootstrap function| setUpSpecialNavs function| extraNavFuncs function| scrollToTarget function| animateWhenVisible function| setUpDropdownSubs function| stickyNavToggle function| getBlocBgColor function| hideAll function| inViewCheck function| scrollToTopView function| setUpVisibilityToggle function| setUpClassToggle function| setUpLightBox function| addKeyBoardSupport function| addLightBoxSwipeSupport function| setUpImgProtection function| reCalculateParallax function| sameHeight boolean| __cfRLUnblockHandlers object| webpackChunk_termly_web_resource_blocker boolean| TERMLY_RESOURCE_BLOCKER_LOADED object| Termly function| getUpdatedCookieWhitelistByTermly function| getCookieWhitelistByTermly object| dataLayer object| __REACT_INTL_CONTEXT__ function| displayPreferenceModal function| termlyUnblockingCookies object| termlyCookies

2 Cookies

Domain/Path Name / Value
.spezz.exchange/ Name: cf_clearance
Value: jhbE6UQJyra26M_qRgsMmZpVPsGRTa2bvm6C75Ue_5E-1717598826-1.0.1.1-SRCQrsRfsPsE5VhXV0EIu0NM.M4AS3unIB8hxMfw1OmKleje2z.acx7G4XuSwHaPhhWOV_kxGyRDUlgP9pysMA
spezz.exchange/ Name: csrf_token
Value: 3ceb6d12-9881-430d-a8cb-b8f0281a001a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.termly.io
spezz.exchange
static.cloudflareinsights.com
104.18.30.234
172.67.68.104
2606:4700::6810:4f49
01f14e4d5024cb2c8d5287de52649d36e9ff92f423a713ba128f4cbf1050e2ca
099338ecde8e82308c451deb4f94e4ed6770665a977edf1ba508007013e6551c
1038eb0edbc8f4bf09a148accf5a624183d014f33d9a0d1b6f3e0f60e60733d9
33b877d80a7e91db6f1228ac2c0364c796e6fa05932e1cf81e43af9d688398e9
38a8a5d44f3245c3350d3794fe026970f896b43196a1efdd3abb534acab3cb4b
3a93cf0d8a8888e5cf2e0ec8cc6df9591e2a6e24fd4f16b195d9911b94595b78
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
525370268e6ac15c04226c24f8cb1c331eb8ef2bbd22991eece38114af12d9fb
5d0db278ae4c24401c399aed23c6359bab1c3ac3d12bfe750191f3a7e9d5a051
61fd07a7f7b7a1d2e087bf8cef5cf57a3dbbcce98bb9de71741550317734f5a3
7bf1ed945f788d355c903ef8d5b8b20aea2d81c40000f61931025b2735b0b560
a158630c1b336c55304a4cc45771796f6ef1020a1b6aee357debcb44cdb5df4f
a8377e8923970610ea176b997869263fdf1fa657233dbd18c44b53a9bf9f51af
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d406936ab00ca380cdadf101b72fafdf2fc2ebc192e7153113c941d055bec5d1
df53d2d65d37d52f4d7e6e4a8e4b3bf50bab99633e1370ead18ab97f4cbb36f5
e14821e26f0b13c6f8b43ab5988f6a0f742447e3da85b7f836af2092871e503f
e251b06d052a37fb588fdcf1dea13daff6953c74e3c49ab899111988df7c6e1b
e3a31d8f0418d67e3462ecbdac221eb1fbb8fcd98e7f27eec6dc1a13f56a7410
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fe847e861ec62ffc3cab3c5d313ddd88d96371a7933a18cb58de76420cb55875
ffca521cff7a92d1aa4896ecc658b9fd0b25d3ac003236071630421f41f27f5a