URL: https://exchange.simdex.org/
Submission: On June 22 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 37 HTTP transactions. The main IP is 66.42.113.4, located in Elk Grove Village, United States and belongs to AS-CHOOPA, US. The main domain is exchange.simdex.org.
TLS certificate: Issued by R11 on June 21st 2024. Valid for: 3 months.
This is the only time exchange.simdex.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 66.42.113.4 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
8 2607:f1c0:100... 8560 (IONOS-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2602:816:5001... 54113 (FASTLY)
37 9
Apex Domain
Subdomains
Transfer
20 simdex.org
exchange.simdex.org
322 KB
8 health-exchange.net
health-exchange.net
228 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
2 gstatic.com
fonts.gstatic.com
70 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 900
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
90 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
6 KB
0 nr-data.net Failed
bam.nr-data.net Failed
37 8
Domain Requested by
20 exchange.simdex.org exchange.simdex.org
8 health-exchange.net exchange.simdex.org
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com exchange.simdex.org
www.google-analytics.com
1 js-agent.newrelic.com exchange.simdex.org
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.googleapis.com exchange.simdex.org
0 bam.nr-data.net Failed js-agent.newrelic.com
37 9

This site contains links to these domains. Also see Links.

Domain
health-exchange.net
Subject Issuer Validity Valid
exchange.simdex.org
R11
2024-06-21 -
2024-09-19
3 months crt.sh
upload.video.google.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.health-exchange.net
Encryption Everywhere DV TLS CA - G2
2023-07-28 -
2024-08-11
a year crt.sh
*.google-analytics.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.gstatic.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://exchange.simdex.org/
Frame ID: BB8B69C4EC55F5EB2E504FDA59E17D80
Requests: 38 HTTP requests in this frame

Screenshot

Page Title

New Exchange – Multilingual Health Resources

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

767 kB
Transfer

1438 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
exchange.simdex.org/
63 KB
19 KB
Document
General
Full URL
https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PHP/8.2.20 PleskLin
Resource Hash
2ddfd05c579575e121f9a8062d3f7f374e54b827b8308c2dd14c316a3bfa74c5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
18616
content-type
text/html; charset=UTF-8
date
Sat, 22 Jun 2024 13:23:37 GMT
link
<https://exchange.simdex.org/wp-json/>; rel="https://api.w.org/", <https://exchange.simdex.org/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://exchange.simdex.org/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.20 PleskLin
css
fonts.googleapis.com/
131 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400%2C700%2C700italic%2C400italic%7COpen+Sans+Condensed:300%2C700%7CAlegreya:400%2C400italic%2C700%2C700italic%7CAlegreya+Sans:400%2C400italic%2C700%2C700italic%7CDroid+Sans:400%2C700%7CDroid+Serif:400%2C400italic%2C700%2C700italic%7CExo+2:400%2C700%7CLato:400%2C400italic%2C700%2C700italic%7CLora:400%2C400italic%2C700%2C700italic%7CArvo:400%2C700%2C400italic%2C700italic%7CRoboto:400%2C400italic%2C700%2C700italic%7CRoboto+Condensed:400%2C700%7CRoboto+Slab:400%2C700%7CArchivo+Black%7CSource+Sans+Pro:400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro:400%2C700%7CVollkorn:400%2C400italic%2C700%2C700italic%7CArimo:400%2C700%7CTinos:400%2C400italic%2C700%2C700italic%7CRoboto+Mono:400%2C700%7CInconsolata%7CHandlee%7CUltra&subset=latin%2Clatin-ext
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad9e1b1bb4c020fc25d30fabcbdd31085c1644f008024976b79d7ed60d903160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 22 Jun 2024 13:23:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Jun 2024 13:23:37 GMT
fonts.min.css
exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/css/
26 KB
16 KB
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/css/fonts.min.css?ver=3.1.8
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
a944787e933b4d979bd3421f29f2609a9a6af5b5d4b61fa401e152631746771a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:55:34 GMT
server
nginx
etag
W/"65303836-6668"
x-powered-by
PleskLin
content-type
text/css
style-weaverx.min.css
exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/css/
64 KB
13 KB
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/css/style-weaverx.min.css?ver=3.1.8
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
00e30b061dddb02c44bdafee5f272fc530858abc91a4fc6f00b8f9a82959f088

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:48:57 GMT
server
nginx
etag
W/"653036a9-fe75"
x-powered-by
PleskLin
content-type
text/css
style.min.css
exchange.simdex.org/wp-includes/css/dist/block-library/
93 KB
11 KB
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.6
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:54:05 GMT
server
nginx
etag
W/"653037dd-1732d"
x-powered-by
PleskLin
content-type
text/css
classic-themes.min.css
exchange.simdex.org/wp-includes/css/
217 B
395 B
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 19:55:02 GMT
server
nginx
x-accel-version
0.01
etag
"d9-6080303cdb180-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
189
styles.css
exchange.simdex.org/wp-content/plugins/contact-form-7/includes/css/
3 KB
959 B
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:44:11 GMT
server
nginx
etag
W/"6530358b-a50"
x-powered-by
PleskLin
content-type
text/css
atw-posts-style.min.css
exchange.simdex.org/wp-content/plugins/show-posts/
3 KB
930 B
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-content/plugins/show-posts/atw-posts-style.min.css?ver=1.5.1
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
b51da34d47da24023d391e5e1787487b32ba681e02298dd27c3cf2567191cd8d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:56:11 GMT
server
nginx
etag
W/"6530385b-cfb"
x-powered-by
PleskLin
content-type
text/css
style-weaverxt.css
exchange.simdex.org/wp-content/uploads/weaverx-subthemes/
19 KB
3 KB
Stylesheet
General
Full URL
https://exchange.simdex.org/wp-content/uploads/weaverx-subthemes/style-weaverxt.css?ver=336
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
6769fbd960e5121af1ad918457001487b7f127193c8b007412c924e3308420c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:43:49 GMT
server
nginx
etag
W/"65303575-4bd5"
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
exchange.simdex.org/wp-includes/js/jquery/
88 KB
30 KB
Script
General
Full URL
https://exchange.simdex.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 20:00:03 GMT
server
nginx
etag
W/"65303943-15e54"
x-powered-by
PleskLin
content-type
text/javascript
jquery-migrate.min.js
exchange.simdex.org/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://exchange.simdex.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 20:00:47 GMT
server
nginx
etag
W/"6530396f-2bd8"
x-powered-by
PleskLin
content-type
text/javascript
weaverxjslib.min.js
exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/js/
10 KB
3 KB
Script
General
Full URL
https://exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/js/weaverxjslib.min.js?ver=3.1.8
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
016dfe8130cb146bf9f98ba5b367e77b7fd472140904794a328cab7b7217ce65

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:37 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:57:32 GMT
server
nginx
etag
W/"653038ac-2805"
x-powered-by
PleskLin
content-type
text/javascript
transparentlogo.gif
exchange.simdex.org/wp-content/uploads/2017/07/
3 KB
3 KB
Image
General
Full URL
https://exchange.simdex.org/wp-content/uploads/2017/07/transparentlogo.gif
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
4385a9fbfc55fc27424ceb1e44b29af41d02d54fb10c247cb6e83efcc418b306

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Wed, 18 Oct 2023 19:52:13 GMT
server
nginx
etag
"6530376d-d37"
x-powered-by
PleskLin
content-type
image/gif
accept-ranges
bytes
content-length
3383
DocAndKid.jpg
exchange.simdex.org/wp-content/uploads/2017/11/
195 KB
195 KB
Image
General
Full URL
https://exchange.simdex.org/wp-content/uploads/2017/11/DocAndKid.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
1475e68065bc73e9c1b73aa7fafdcf8027caadb8582740ada634326fbc46629f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Wed, 18 Oct 2023 19:49:44 GMT
server
nginx
etag
"653036d8-30bd2"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
199634
TipofWeekBoxCX-300x201.jpg
health-exchange.net/wp-content/uploads/2017/07/
9 KB
9 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/TipofWeekBoxCX-300x201.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b9e581e76780b782a997a37bb1ad921c7686816748ceadb74e120137e35c4ff8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"2456-564b950a0dc00"
content-length
9302
content-type
image/jpeg
translationboxindex-300x201.jpg
health-exchange.net/wp-content/uploads/2017/07/
8 KB
8 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/translationboxindex-300x201.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
df264126d49dc29144597c458dc294235c25c01e709bbb1648d33ad19e20bd1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"200f-564b950a0dc00"
content-length
8207
content-type
image/jpeg
TrainingResourcesBox.jpg
health-exchange.net/wp-content/uploads/2017/07/
56 KB
56 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/TrainingResourcesBox.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
52c1704f06ad4c6e29d205596b2d43e4f6db531b071735a621f90b6417b99fa4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"e108-564b950a0dc00"
content-length
57608
content-type
image/jpeg
stethoscopeicon.jpg
health-exchange.net/wp-content/uploads/2017/07/
26 KB
26 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/stethoscopeicon.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
ba0dfe4bf7657cbe2cd1b855916967ae0a1afff4280816eb12bc6a3505d6d3ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"68dd-564b950a0dc00"
content-length
26845
content-type
image/jpeg
footerJoinExchange.jpg
health-exchange.net/wp-content/uploads/2017/07/
44 KB
44 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/footerJoinExchange.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
fd81757af4034820a3b7d50015d612a9cebe65f9c604911919a978ed5e8b4889

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"aeee-564b950a0dc00"
content-length
44782
content-type
image/jpeg
subscribeTipFooter.jpg
health-exchange.net/wp-content/uploads/2017/07/
29 KB
29 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/subscribeTipFooter.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0a4c723855712447640650b8a53c2a298fc54760c60f3290a0f700eeda0c8660

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"7531-564b950a0dc00"
content-length
30001
content-type
image/jpeg
weaverxjslib-end.min.js
exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/js/
11 KB
3 KB
Script
General
Full URL
https://exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/js/weaverxjslib-end.min.js?ver=3.1.8
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
81d26ea714a04212df4bac76be7ff03e4ed8a099e7189937f9e80826bbc9d226

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:44:35 GMT
server
nginx
etag
W/"653035a3-2bb0"
x-powered-by
PleskLin
content-type
text/javascript
regenerator-runtime.min.js
exchange.simdex.org/wp-includes/js/dist/vendor/
6 KB
2 KB
Script
General
Full URL
https://exchange.simdex.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:48:00 GMT
server
nginx
etag
W/"65303670-194b"
x-powered-by
PleskLin
content-type
text/javascript
wp-polyfill.min.js
exchange.simdex.org/wp-includes/js/dist/vendor/
17 KB
6 KB
Script
General
Full URL
https://exchange.simdex.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:40:25 GMT
server
nginx
etag
W/"653034a9-459f"
x-powered-by
PleskLin
content-type
text/javascript
index.js
exchange.simdex.org/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://exchange.simdex.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:56:06 GMT
server
nginx
etag
W/"65303856-34ad"
x-powered-by
PleskLin
content-type
text/javascript
wp-emoji-release.min.js
exchange.simdex.org/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://exchange.simdex.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.6
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
content-encoding
br
last-modified
Wed, 18 Oct 2023 19:44:17 GMT
server
nginx
etag
W/"65303591-48b9"
x-powered-by
PleskLin
content-type
text/javascript
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Jun 2024 11:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6155
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 22 Jun 2024 13:41:03 GMT
search-gray.png
exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/css/icons/
2 KB
2 KB
Image
General
Full URL
https://exchange.simdex.org/wp-content/themes/weaver-xtreme/assets/css/icons/search-gray.png
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/wp-content/uploads/weaverx-subthemes/style-weaverxt.css?ver=336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
2d1c5e6ffbbe37cc4e076f3d1e3612965bfdff6ed400f8943266b71f40cabf76

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/wp-content/uploads/weaverx-subthemes/style-weaverxt.css?ver=336
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Wed, 18 Oct 2023 19:44:59 GMT
server
nginx
etag
"653035bb-697"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
1687
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400%2C700%2C700italic%2C400italic%7COpen+Sans+Condensed:300%2C700%7CAlegreya:400%2C400italic%2C700%2C700italic%7CAlegreya+Sans:400%2C400italic%2C700%2C700italic%7CDroid+Sans:400%2C700%7CDroid+Serif:400%2C400italic%2C700%2C700italic%7CExo+2:400%2C700%7CLato:400%2C400italic%2C700%2C700italic%7CLora:400%2C400italic%2C700%2C700italic%7CArvo:400%2C700%2C400italic%2C700italic%7CRoboto:400%2C400italic%2C700%2C700italic%7CRoboto+Condensed:400%2C700%7CRoboto+Slab:400%2C700%7CArchivo+Black%7CSource+Sans+Pro:400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro:400%2C700%7CVollkorn:400%2C400italic%2C700%2C700italic%7CArimo:400%2C700%7CTinos:400%2C400italic%2C700%2C700italic%7CRoboto+Mono:400%2C700%7CInconsolata%7CHandlee%7CUltra&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://exchange.simdex.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:16:21 GMT
x-content-type-options
nosniff
age
338837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:16:21 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400%2C700%2C700italic%2C400italic%7COpen+Sans+Condensed:300%2C700%7CAlegreya:400%2C400italic%2C700%2C700italic%7CAlegreya+Sans:400%2C400italic%2C700%2C700italic%7CDroid+Sans:400%2C700%7CDroid+Serif:400%2C400italic%2C700%2C700italic%7CExo+2:400%2C700%7CLato:400%2C400italic%2C700%2C700italic%7CLora:400%2C400italic%2C700%2C700italic%7CArvo:400%2C700%2C400italic%2C700italic%7CRoboto:400%2C400italic%2C700%2C700italic%7CRoboto+Condensed:400%2C700%7CRoboto+Slab:400%2C700%7CArchivo+Black%7CSource+Sans+Pro:400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro:400%2C700%7CVollkorn:400%2C400italic%2C700%2C700italic%7CArimo:400%2C700%7CTinos:400%2C400italic%2C700%2C700italic%7CRoboto+Mono:400%2C700%7CInconsolata%7CHandlee%7CUltra&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://exchange.simdex.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:19 GMT
x-content-type-options
nosniff
age
340519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22476
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:19 GMT
translationicon.jpg
health-exchange.net/wp-content/uploads/2017/07/
27 KB
28 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/translationicon.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1a675205de2dabaf423e96d74bc0f2d556c7f34fb43b5d8b62d42fc3f0475a0c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"6d79-564b950a0dc00"
content-length
28025
content-type
image/jpeg
scalesicon.jpg
health-exchange.net/wp-content/uploads/2017/07/
27 KB
27 KB
Image
General
Full URL
https://health-exchange.net/wp-content/uploads/2017/07/scalesicon.jpg
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::286 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
726094a4b0c0161374773e668a4cb2acd6312d9a99a33fae3f407a4c2cc9b342

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
last-modified
Thu, 08 Feb 2018 20:32:48 GMT
server
Apache
accept-ranges
bytes
etag
"6b44-564b950a0dc00"
content-length
27460
content-type
image/jpeg
collect
www.google-analytics.com/j/
15 B
224 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1611919382&t=pageview&_s=1&dl=https%3A%2F%2Fexchange.simdex.org%2F&ul=de-de&de=UTF-8&dt=New%20Exchange%20%E2%80%93%20Multilingual%20Health%20Resources&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=395770820&gjid=871412105&cid=1884569119.1719062618&tid=UA-2619010-1&_gid=466715702.1719062618&_r=1&_slc=1&z=1619347226
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c64521ea45083d6f7ffc29eaf0d2aef75e604ce6228bc19d2e4a5121af4e7598
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exchange.simdex.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb

Request headers

Referer
Origin
https://exchange.simdex.org
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/
251 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1H8T0XCFXP&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbd4511d12f3fc02f3c54943cdf1a3c39818ab77696054f5ebdf9bf374a78430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91819
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 22 Jun 2024 13:23:38 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1H8T0XCFXP&gtm=45je46j0v9109463302za200&_p=1719062618512&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1884569119.1719062618&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fexchange.simdex.org%2F&dt=New%20Exchange%20%E2%80%93%20Multilingual%20Health%20Resources&sid=1719062618&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2417&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1H8T0XCFXP&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:23:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exchange.simdex.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-rum-1.260.1.min.js
js-agent.newrelic.com/
50 KB
16 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-rum-1.260.1.min.js
Requested by
Host: exchange.simdex.org
URL: https://exchange.simdex.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6da25b260ec64d32f9bbcc4ea288de2c7c8f10b937f0fa20e6d732c78ef01833
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Origin
https://exchange.simdex.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
raocR3Uv2ABMSTXBpS9IrgeVUtOtDkTF
content-encoding
br
via
1.1 varnish
date
Sat, 22 Jun 2024 13:23:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
4P9RNW38JPJXT149
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15976
x-amz-id-2
/5WVM9MLt3rlcSrP11EDQ/3ZaxItwsKir2KcnJ7ibsuXyqzajseBTX7Up1y4yPYMZEk1W412Akc=
x-served-by
cache-fra-eddf8230143-FRA
last-modified
Mon, 20 May 2024 17:44:48 GMT
server
AmazonS3
etag
"e08d93f66108e56e014e2871a4460ec9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
56104
cropped-exchange-icon-1-32x32.jpg
exchange.simdex.org/wp-content/uploads/2021/01/
987 B
1 KB
Other
General
Full URL
https://exchange.simdex.org/wp-content/uploads/2021/01/cropped-exchange-icon-1-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.42.113.4 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
plesk.simdex.org
Software
nginx / PleskLin
Resource Hash
1c4c7118601d8c09118ad3ab4c0128fd236446fd9c5813caeb89afac9f0e42d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://exchange.simdex.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:23:39 GMT
last-modified
Wed, 18 Oct 2023 19:46:51 GMT
server
nginx
x-accel-version
0.01
etag
"3db-60802e689a0c0"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
987
da4a8f9aaf
bam.nr-data.net/1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/da4a8f9aaf?a=83078106&v=1.260.1&to=ZAFUNUBSV0BVBk0MVl1LdwJGWlZdGxVYAlw%3D&rst=2796&ck=0&s=7a2304778656fb4e&ref=https://exchange.simdex.org/&ptid=7809287157cce10f&ap=746&be=1470&fe=1273&dc=629&at=SEZXQwhIRE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1719062616368,%22n%22:0,%22f%22:0,%22dn%22:27,%22dne%22:27,%22c%22:27,%22s%22:139,%22ce%22:323,%22rq%22:323,%22rp%22:1470,%22rpe%22:1501,%22di%22:2096,%22ds%22:2096,%22de%22:2099,%22dc%22:2741,%22l%22:2741,%22le%22:2743%7D,%22navigation%22:%7B%7D%7D&fp=1900&fcp=1900

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| NREUM object| webpackChunk:NRBA-1.260.1.PROD object| newrelic object| _wpemojiSettings undefined| $ function| jQuery object| wvrxOpts function| weaverxBrowserWidth function| weaverxOnResize function| addResizeListener function| removeResizeListener string| GoogleAnalyticsObject function| ga object| wvrxEndOpts function| weaverx_ToggleDIV function| wvrxFlowColor function| weaverxScrollbarClass function| weaverxFullWidth function| weaverxWidgetEq function| weaverxBottomFooter function| weaverxResizeEnd function| weaverxBrowserResizeEnd function| weaverx_js_update function| weaverxMonitorContent object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| twemoji object| wp object| dataLayer object| google_tag_manager

4 Cookies

Domain/Path Name / Value
.simdex.org/ Name: _ga
Value: GA1.2.1884569119.1719062618
.simdex.org/ Name: _gid
Value: GA1.2.466715702.1719062618
.simdex.org/ Name: _gat
Value: 1
.simdex.org/ Name: _ga_1H8T0XCFXP
Value: GS1.2.1719062618.1.0.1719062618.0.0.0

2 Console Messages

Source Level URL
Text
javascript error URL: https://exchange.simdex.org/
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/da4a8f9aaf?a=83078106&v=1.260.1&to=ZAFUNUBSV0BVBk0MVl1LdwJGWlZdGxVYAlw%3D&rst=2796&ck=0&s=7a2304778656fb4e&ref=https://exchange.simdex.org/&ptid=7809287157cce10f&ap=746&be=1470&fe=1273&dc=629&at=SEZXQwhIRE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1719062616368,%22n%22:0,%22f%22:0,%22dn%22:27,%22dne%22:27,%22c%22:27,%22s%22:139,%22ce%22:323,%22rq%22:323,%22rp%22:1470,%22rpe%22:1501,%22di%22:2096,%22ds%22:2096,%22de%22:2099,%22dc%22:2741,%22l%22:2741,%22le%22:2743%7D,%22navigation%22:%7B%7D%7D&fp=1900&fcp=1900' from origin 'https://exchange.simdex.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/da4a8f9aaf?a=83078106&v=1.260.1&to=ZAFUNUBSV0BVBk0MVl1LdwJGWlZdGxVYAlw%3D&rst=2796&ck=0&s=7a2304778656fb4e&ref=https://exchange.simdex.org/&ptid=7809287157cce10f&ap=746&be=1470&fe=1273&dc=629&at=SEZXQwhIRE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1719062616368,%22n%22:0,%22f%22:0,%22dn%22:27,%22dne%22:27,%22c%22:27,%22s%22:139,%22ce%22:323,%22rq%22:323,%22rp%22:1470,%22rpe%22:1501,%22di%22:2096,%22ds%22:2096,%22de%22:2099,%22dc%22:2741,%22l%22:2741,%22le%22:2743%7D,%22navigation%22:%7B%7D%7D&fp=1900&fcp=1900
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
exchange.simdex.org
fonts.googleapis.com
fonts.gstatic.com
health-exchange.net
js-agent.newrelic.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
bam.nr-data.net
2001:4860:4802:32::36
2602:816:5001::39
2607:f1c0:100f:f000::286
2a00:1450:4001:80e::2008
2a00:1450:4001:812::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:82f::2003
66.42.113.4
00e30b061dddb02c44bdafee5f272fc530858abc91a4fc6f00b8f9a82959f088
016dfe8130cb146bf9f98ba5b367e77b7fd472140904794a328cab7b7217ce65
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
0a4c723855712447640650b8a53c2a298fc54760c60f3290a0f700eeda0c8660
1475e68065bc73e9c1b73aa7fafdcf8027caadb8582740ada634326fbc46629f
1a675205de2dabaf423e96d74bc0f2d556c7f34fb43b5d8b62d42fc3f0475a0c
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1c4c7118601d8c09118ad3ab4c0128fd236446fd9c5813caeb89afac9f0e42d8
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb
2d1c5e6ffbbe37cc4e076f3d1e3612965bfdff6ed400f8943266b71f40cabf76
2ddfd05c579575e121f9a8062d3f7f374e54b827b8308c2dd14c316a3bfa74c5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4385a9fbfc55fc27424ceb1e44b29af41d02d54fb10c247cb6e83efcc418b306
52c1704f06ad4c6e29d205596b2d43e4f6db531b071735a621f90b6417b99fa4
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6769fbd960e5121af1ad918457001487b7f127193c8b007412c924e3308420c3
6da25b260ec64d32f9bbcc4ea288de2c7c8f10b937f0fa20e6d732c78ef01833
726094a4b0c0161374773e668a4cb2acd6312d9a99a33fae3f407a4c2cc9b342
81d26ea714a04212df4bac76be7ff03e4ed8a099e7189937f9e80826bbc9d226
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
a944787e933b4d979bd3421f29f2609a9a6af5b5d4b61fa401e152631746771a
ad9e1b1bb4c020fc25d30fabcbdd31085c1644f008024976b79d7ed60d903160
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b51da34d47da24023d391e5e1787487b32ba681e02298dd27c3cf2567191cd8d
b9e581e76780b782a997a37bb1ad921c7686816748ceadb74e120137e35c4ff8
ba0dfe4bf7657cbe2cd1b855916967ae0a1afff4280816eb12bc6a3505d6d3ef
c64521ea45083d6f7ffc29eaf0d2aef75e604ce6228bc19d2e4a5121af4e7598
cbd4511d12f3fc02f3c54943cdf1a3c39818ab77696054f5ebdf9bf374a78430
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df264126d49dc29144597c458dc294235c25c01e709bbb1648d33ad19e20bd1a
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
fd81757af4034820a3b7d50015d612a9cebe65f9c604911919a978ed5e8b4889