Submitted URL: https://pediatrics21.com/
Effective URL: https://www.pediatrics21.com/
Submission Tags: phishingrod
Submission: On June 12 via api from DE — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 38 HTTP transactions. The main IP is 172.67.162.212, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pediatrics21.com.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time www.pediatrics21.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 172.67.162.212 13335 (CLOUDFLAR...)
6 2606:4700:440... 13335 (CLOUDFLAR...)
2 50.57.205.124 19994 (RACKSPACE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2602:816:5001... 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
2 172.67.175.78 13335 (CLOUDFLAR...)
3 104.17.25.14 13335 (CLOUDFLAR...)
38 15
Apex Domain
Subdomains
Transfer
12 pediatrics21.com
pediatrics21.com
www.pediatrics21.com
728 KB
6 ibsrv.net
cdcssl.ibsrv.net — Cisco Umbrella Rank: 90872
69 KB
4 ibsmb.com
smbleads.ibsmb.com — Cisco Umbrella Rank: 122297
18 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
25 KB
3 google.com
maps.google.com — Cisco Umbrella Rank: 2257
185 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
15 KB
2 gstatic.com
fonts.gstatic.com
43 KB
2 elocallink.tv
elocallink.tv — Cisco Umbrella Rank: 146233
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 296
708 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 893
29 KB
1 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 391
360 B
1 officite.com
apps.officite.com — Cisco Umbrella Rank: 197319
2 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1017
10 KB
38 13
Domain Requested by
11 www.pediatrics21.com www.pediatrics21.com
6 cdcssl.ibsrv.net www.pediatrics21.com
4 smbleads.ibsmb.com www.pediatrics21.com
smbleads.ibsmb.com
3 cdnjs.cloudflare.com smbleads.ibsmb.com
3 maps.google.com www.pediatrics21.com
maps.google.com
2 www.youtube.com www.pediatrics21.com
www.youtube.com
2 fonts.gstatic.com www.pediatrics21.com
2 elocallink.tv www.pediatrics21.com
1 bam.nr-data.net www.pediatrics21.com
1 js-agent.newrelic.com www.pediatrics21.com
1 maps.googleapis.com www.pediatrics21.com
1 apps.officite.com www.pediatrics21.com
1 unpkg.com www.pediatrics21.com
1 pediatrics21.com 1 redirects
38 14
Subject Issuer Validity Valid
pediatrics21.com
WE1
2024-06-12 -
2024-09-10
3 months crt.sh
ibsrv.net
E1
2024-06-03 -
2024-09-01
3 months crt.sh
elocallink.tv
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-12 -
2025-03-14
a year crt.sh
*.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
unpkg.com
GTS CA 1P5
2024-05-30 -
2024-08-28
3 months crt.sh
officite.com
WE1
2024-06-07 -
2024-09-05
3 months crt.sh
ibsmb.com
GTS CA 1P5
2024-05-28 -
2024-08-26
3 months crt.sh
upload.video.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.gstatic.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-29 -
2024-10-01
a year crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.pediatrics21.com/
Frame ID: E66B9977F401258E194C103331A9B4C7
Requests: 37 HTTP requests in this frame

Frame: https://elocallink.tv/e/?v=jVH&ap=1
Frame ID: 163DBD22DCA842B0B212674824F4F84E
Requests: 1 HTTP requests in this frame

Frame: https://elocallink.tv/e/?v=jVH&ap=1
Frame ID: F86DB6F9A5EFB84ABA7AE161327AE316
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Site Map - Pediatrics 21 - Pediatrics for Family Health

Page URL History Show full URLs

  1. https://pediatrics21.com/ HTTP 301
    http://www.pediatrics21.com/ HTTP 307
    https://www.pediatrics21.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

15
IPs

3
Countries

1125 kB
Transfer

2839 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pediatrics21.com/ HTTP 301
    http://www.pediatrics21.com/ HTTP 307
    https://www.pediatrics21.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.pediatrics21.com/
Redirect Chain
  • https://pediatrics21.com/
  • http://www.pediatrics21.com/
  • https://www.pediatrics21.com/
94 KB
29 KB
Document
General
Full URL
https://www.pediatrics21.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebee2269c9d2fb4c5eb0998dc2445df27ee2e60e4881710720a9b8b2b2d9948a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private max-age=172800
cf-cache-status
DYNAMIC
cf-ray
89274cc64b0e1952-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 12 Jun 2024 05:04:24 GMT
expires
Fri, 14 Jun 2024 05:04:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xArloP0IQD44mlrWT3s%2BEUxAMZqfj5Ii5hSW7R1DZ2v0OOi9ZXWzpMG8EDjAMcgWlpMZG0b9SRUR1GEJr9%2F%2FNulOf56o2xdnqL2ZWxGvO7gOuzgmoy2IXsBzRUfsRK2fnSd4RMLzIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin
x-webmgr
1
x-webmgr-brand
officite
x-webmgr-cache
HIT
x-webmgr-ct-timestamp
1718097274721289
x-webmgr-opt-time
2024-06-12 02:47:18
x-webmgr-ple
1
x-webmgr-siteid
76831
x-webmgr-theme
malleable

Redirect headers

Location
https://www.pediatrics21.com/
Non-Authoritative-Reason
HttpsUpgrades
db45ac8f3591af614eceb16b4650b0c5.opt-min.cr.css
www.pediatrics21.com/storage/opt/
377 KB
46 KB
Stylesheet
General
Full URL
https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cr.css
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c477e68660b7515eda8a0ae1d120b5fee6a42ec678fe9099bcb07ce9d896b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46746
last-modified
Tue, 11 Jun 2024 09:14:38 GMT
server
cloudflare
etag
"5e38c-61a99b1febd59-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDkiCadL1E%2BgK12PBLt5EjZc1KXkEkd9flR0TgVEZuEfiWJwYSuqZ9B3xq6jnbUJum4Ju3obwvRQxfLKHuko1ZbFSC7o%2BO622G%2FFtBbLjzfLV6cOtBbk6fGlp407ptSML1R%2FPhvy%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
89274cc82ca31952-FRA
expires
Thu, 12 Jun 2025 05:04:24 GMT
logo3-1.png.webp
cdcssl.ibsrv.net/ibimg/smb/228x198_80/webmgr/1n/a/7/
4 KB
4 KB
Image
General
Full URL
https://cdcssl.ibsrv.net/ibimg/smb/228x198_80/webmgr/1n/a/7/logo3-1.png.webp?b21fac0ea5e0c3059d67f4c66468a6d6
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76707ab9be14f9b16bc537a99c9365cec0dda235202696bc322c412994708db6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
cf-cache-status
HIT
last-modified
Mon, 13 May 2024 07:26:24 GMT
server
cloudflare
age
10538
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1296000
content-transfer-encoding
binary
content-disposition
filename=logo3-1.png.webp;
accept-ranges
bytes
cf-ray
89274cc87a254dbe-FRA
content-length
3598
expires
Thu, 27 Jun 2024 05:04:24 GMT
js-defer.js
www.pediatrics21.com/storage/opt/
12 KB
6 KB
Script
General
Full URL
https://www.pediatrics21.com/storage/opt/js-defer.js
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5475
last-modified
Wed, 12 Jun 2024 03:12:59 GMT
server
cloudflare
etag
"30d4-61aa8c275720d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaDOiJqlbbmY64XObqdpQ7ocDJkd1T5brIO4gZ4xiboU5ih1Xvph%2BM3ro7hb1AOwcbKXcvXohVxC7fzLclUlw%2BCqD6N7i6MrbMF9FPAZ37ip4%2FzE8MF9T4NXDIs3HrT2%2B6BMPEj%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
89274cc8fd531952-FRA
expires
Thu, 12 Jun 2025 05:04:24 GMT
/
elocallink.tv/e/ Frame 163D
0
0
Document
General
Full URL
https://elocallink.tv/e/?v=jVH&ap=1
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.57.205.124 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
www.elocallink.tv
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.pediatrics21.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jun 2024 05:04:24 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
bg_header.png.webp
cdcssl.ibsrv.net/ibimg/smb/201x448_80/webmgr/1n/a/7/
752 B
861 B
Image
General
Full URL
https://cdcssl.ibsrv.net/ibimg/smb/201x448_80/webmgr/1n/a/7/bg_header.png.webp?5367f46e6809541f4e311310074a8482
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca0b67fb972bb440b8b49fceee5198d80b30eb6d1e31099d896562cd7ac6b28

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 04:47:07 GMT
server
cloudflare
age
10538
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1296000
content-transfer-encoding
binary
content-disposition
filename=bg_header.png.webp;
accept-ranges
bytes
cf-ray
89274cc98b484dbe-FRA
content-length
752
expires
Thu, 27 Jun 2024 05:04:24 GMT
facebook-1.png.webp
cdcssl.ibsrv.net/ibimg/smb/50x50_80/webmgr/1n/a/7/
796 B
950 B
Image
General
Full URL
https://cdcssl.ibsrv.net/ibimg/smb/50x50_80/webmgr/1n/a/7/facebook-1.png.webp?6a2b9ed382e17119336adb96607b8d26
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49a3bacbf036fb0ecc6639729d9e7ad76d5e1631b18a7adcbe7d29b7d497d98a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
cf-cache-status
HIT
last-modified
Wed, 22 May 2024 13:36:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1296000
content-transfer-encoding
binary
content-disposition
filename=facebook-1.png.webp;
accept-ranges
bytes
cf-ray
89274cc98b4a4dbe-FRA
content-length
796
expires
Thu, 27 Jun 2024 05:04:25 GMT
twitter.png.webp
cdcssl.ibsrv.net/ibimg/smb/50x50_80/webmgr/1n/a/7/
874 B
981 B
Image
General
Full URL
https://cdcssl.ibsrv.net/ibimg/smb/50x50_80/webmgr/1n/a/7/twitter.png.webp?bd923dc507d9dd1a9bcec0ad0ace709b
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c00a5866df3521c4fbdea6e4a89f37107df315bbe01af0be60f2aafb0f69b7c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Jun 2024 14:01:00 GMT
server
cloudflare
age
10538
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1296000
content-transfer-encoding
binary
content-disposition
filename=twitter.png.webp;
accept-ranges
bytes
cf-ray
89274cc98b4f4dbe-FRA
content-length
874
expires
Thu, 27 Jun 2024 05:04:24 GMT
blog.png.webp
cdcssl.ibsrv.net/ibimg/smb/50x50_80/webmgr/1n/a/7/
1 KB
1 KB
Image
General
Full URL
https://cdcssl.ibsrv.net/ibimg/smb/50x50_80/webmgr/1n/a/7/blog.png.webp?e217a4450d37b7210f1c34d247a91cc4
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
959c726aec1265685399599b8b1318317f25ceaad80a23acf5bd7402d3c20696

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 04:47:06 GMT
server
cloudflare
age
10538
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1296000
content-transfer-encoding
binary
content-disposition
filename=blog.png.webp;
accept-ranges
bytes
cf-ray
89274cc98b504dbe-FRA
content-length
1072
expires
Thu, 27 Jun 2024 05:04:24 GMT
icon-back-to-top.png
www.pediatrics21.com/themes/website/assets/img/browserlock/
1 KB
2 KB
Image
General
Full URL
https://www.pediatrics21.com/themes/website/assets/img/browserlock/icon-back-to-top.png
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ff6a5a937796f1022052ef83acd74364e29b2f9153ef50808884d3a68f5525

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cr.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
cf-cache-status
MISS
last-modified
Mon, 24 Jul 2023 16:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4bd-6013e7e1e3375"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHnvrcEa1bG6jVGAja3N2CJEQGzYuYNKzKGBm7ycUV43ZLK0rWrH9QeC0S1juco%2BZDiEB2tlzwREZ2XA2PV%2FGFn9QQEJnhi%2BZKsYhmQsdW3fY6pS55R6VmJJAPbPc873hMyrhxhawg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
89274cc98dd71952-FRA
alt-svc
h3=":443"; ma=86400
content-length
1213
expires
Thu, 12 Jun 2025 05:04:24 GMT
index03-1.jpg.webp
cdcssl.ibsrv.net/ibimg/smb/776x472_80/webmgr/1n/a/7/
61 KB
61 KB
Image
General
Full URL
https://cdcssl.ibsrv.net/ibimg/smb/776x472_80/webmgr/1n/a/7/index03-1.jpg.webp?26d1737216ad28f2b269f22bb0702c43
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a8b04896a0674895fc6f89e0b6e380551e50d1fe87c0ea8234ccb75db94530

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
cf-cache-status
HIT
last-modified
Thu, 09 May 2024 18:18:44 GMT
server
cloudflare
age
10538
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1296000
content-transfer-encoding
binary
content-disposition
filename=index03-1.jpg.webp;
accept-ranges
bytes
cf-ray
89274cc9bb854dbe-FRA
content-length
62676
expires
Thu, 27 Jun 2024 05:04:24 GMT
jquery-1.11.1.min.js
www.pediatrics21.com/themes/common/javascripts/vendor/jquery/
94 KB
46 KB
Script
General
Full URL
https://www.pediatrics21.com/themes/common/javascripts/vendor/jquery/jquery-1.11.1.min.js
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/js-defer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917afaa7d48fb8be379215c867aa04c03f95200d260b4c69cebedeff82bc4753

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46524
last-modified
Thu, 23 May 2024 06:25:20 GMT
server
cloudflare
etag
"17627-619191d8b5efe"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yM1ihYa5OSjcxErGmFUGCjh%2FT3DdotZX4UjHeD%2Bt2v%2F%2BAovRyGqQsoamHdR%2FyeDoePe0OjhL0j65twSteGnPKY053J%2BbuCCT7KYIDKZBpw74aFVqEpD84XaPSOof3DA8UXteWFgZ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
89274cca1e641952-FRA
expires
Thu, 12 Jun 2025 05:04:24 GMT
js
maps.google.com/maps/api/
213 KB
72 KB
Script
General
Full URL
https://maps.google.com/maps/api/js?key=AIzaSyCPi18lG_rd7of67jBJsJxGESX-KiXqcj4
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/js-defer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
f21691376542b3602de2ce5f293b3b3c6c4bd48df7032211452f4d4ba43f0288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73850
x-xss-protection
0
masonry.pkgd.min.js
unpkg.com/masonry-layout@4.2.2/dist/
24 KB
10 KB
Script
General
Full URL
https://unpkg.com/masonry-layout@4.2.2/dist/masonry.pkgd.min.js
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/js-defer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2178629
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HY4FKYMSMNJBWB35MBFHYCKA-fra
server
cloudflare
etag
"5e27-0gJSz3bDvorzeoQV0TrTaMditNg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89274cca3b979f1b-FRA
smb-number-changer.js
apps.officite.com/js/
3 KB
2 KB
Script
General
Full URL
https://apps.officite.com/js/smb-number-changer.js?date=20240612
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/js-defer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c83aac7258dabd113c3c12507d5e37540ee86ab5ec40a58336700b944549e7c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 20:38:14 GMT
server
cloudflare
age
15724
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89274cca6b1d8fd6-FRA
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
1059
expires
Thu, 12 Jun 2025 05:04:24 GMT
33587e360d76b8fb34337a32521f0432.opt-min.co.js
www.pediatrics21.com/storage/opt/
922 KB
370 KB
Script
General
Full URL
https://www.pediatrics21.com/storage/opt/33587e360d76b8fb34337a32521f0432.opt-min.co.js
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/js-defer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714dd3984695c0c2d06da6537e8b928ceb7aad09dabe959566b91187f3aff119

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:24 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 04 Jan 2024 12:27:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e69d3-60e1ddaa2b2f9"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wz7cpXOBeT%2FRmjU6DjMMgzcwD4cMVncozOfTtNtsovCewefw0ZEveaXcdvVu%2FRU7sZeFJcRO15aHDByjkVsrqjzuj0lMFSG0z8mSQ282rgOp43%2FzO14N%2BNwrOrpPz5tIjWlf9pCTnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
89274cca1e651952-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 12 Jun 2025 05:04:24 GMT
PBtfGWyM7_GXPd-vQQHEAiJZ
smbleads.ibsmb.com/v1/leads/create_form/
31 KB
12 KB
Script
General
Full URL
https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d949546b5735db6b378ddbcd7263102703b81e627bce9be9fb2a1a9d7fee52df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVPqIef1eObW5j6lPjGm6hElEl67iyxZUtff1tlioBzz0%2FJ5E5FH2A91MInX%2FPwYaBqzYuF%2Fu44GK3UhjOOq8hsn2GlK4lvo4EqQjOKToXsNL16Hq0TBYJq2OA2fvbbadW%2B0z%2FiHjU947rgiAvoGx0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
46
server-timing
dtSInfo;desc="1"
cf-ray
89274cca5d489136-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
27 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
360 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.pediatrics21.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
www.pediatrics21.com/storage/opt/
43 KB
18 KB
Stylesheet
General
Full URL
https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97dc3c7f073a6f041bc3b8c19a6d1042a9e710466013f3917af08dc959565cd9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17453
last-modified
Tue, 11 Jun 2024 09:14:38 GMT
server
cloudflare
etag
"aca4-61a99b1feec10-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PspfRcsvAXC0hT58cuBONkFauelpHiJcmkH%2FJK7dglDgBe50jGinpD65y0mE%2BIewIXdlFYCXLJJKN7MOWVP%2BXsytYJst%2BSXNXm4td62ImJZC%2FeUkEcW2XhUeRf0GLYlfvYtV749iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
89274ccc38ae1952-FRA
expires
Thu, 12 Jun 2025 05:04:25 GMT
nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5g.woff2
fonts.gstatic.com/s/playfairdisplay/v14/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v14/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5g.woff2
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7ba0cb6b9eaf1d9082e64213b35c76be267611d788d537d15372e5731733968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Origin
https://www.pediatrics21.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:43:11 GMT
x-content-type-options
nosniff
age
80474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26828
x-xss-protection
0
last-modified
Tue, 19 Feb 2019 22:30:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 06:43:11 GMT
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v4/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v4/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Origin
https://www.pediatrics21.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 04:58:42 GMT
x-content-type-options
nosniff
age
86743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16920
x-xss-protection
0
last-modified
Tue, 19 Feb 2019 22:19:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 04:58:42 GMT
custom-icons.ttf
www.pediatrics21.com/themes/common/fonts/custom-icons/
82 KB
83 KB
Font
General
Full URL
https://www.pediatrics21.com/themes/common/fonts/custom-icons/custom-icons.ttf?p11f0d
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f58c7c0f986ac5db9f5eec088715a988f7b996b33f9d3f5fc48265ef1e4c8b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Origin
https://www.pediatrics21.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
84328
last-modified
Thu, 23 May 2024 06:25:15 GMT
server
cloudflare
etag
"14968-619191d3a0b9f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nui9OZsxAP3wmDWzGVpbzTbvqvlfuNLzVVey81UyzWARnTl2ElOCY%2BEboZcGSPuy9I5ASGD%2FnBLCAhZk98mTEC0hPZbxCJT%2FB72dtpLWS4uuXIv2JyTz75BJ%2FUehFAaTvF%2BlJXOsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
access-control-allow-origin
https://www.pediatrics21.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
89274ccdba3c1952-FRA
expires
Thu, 12 Jun 2025 05:04:25 GMT
lato-regular-webfont.woff
www.pediatrics21.com/themes/common/fonts/lato/
28 KB
29 KB
Font
General
Full URL
https://www.pediatrics21.com/themes/common/fonts/lato/lato-regular-webfont.woff
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd49b6cbe45132cffe6caad0e3277d79db4846bc3b9244a7fbb8e2ea7f7d5c1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Origin
https://www.pediatrics21.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
29104
last-modified
Thu, 23 May 2024 06:25:16 GMT
server
cloudflare
etag
"71b0-619191d4dfce5"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cnc0BqsqT%2B%2BWx5pKVCRBQ6blyZVAQM364b1QdBqHYOfEK0FzfDdaFH%2Bh09eOpAUgE200C9%2FUqQCTuQoXFE3KF03Md20EXFKuvzn%2B4g5FG5vMOKez%2FCRzOWWejpn2S7u7qpDsM7W69w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-woff
access-control-allow-origin
https://www.pediatrics21.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
89274ccdba401952-FRA
expires
Thu, 12 Jun 2025 05:04:25 GMT
fontawesome-webfont.woff
www.pediatrics21.com/themes/common/fonts/font-awesome/
79 KB
80 KB
Font
General
Full URL
https://www.pediatrics21.com/themes/common/fonts/font-awesome/fontawesome-webfont.woff
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/storage/opt/db45ac8f3591af614eceb16b4650b0c5.opt-min.cf.css
Origin
https://www.pediatrics21.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
81284
last-modified
Thu, 23 May 2024 06:25:15 GMT
server
cloudflare
etag
"13d84-619191d3f4f2f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VO%2FNT7Z4FzTRbh49RK8BAn2%2FItQ3kkDy1x5TZvNI5c6hwR5TG2fdSY8c7msjiTw7GByiSODuP08Y6IAdLB0Np%2BcH03kinKdFRNhpbrvVRJjMsGAJOnp7OJ85XpGrzGcOZZ9U%2FORmAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-woff
access-control-allow-origin
https://www.pediatrics21.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
89274ccdba431952-FRA
expires
Thu, 12 Jun 2025 05:04:25 GMT
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/storage/opt/33587e360d76b8fb34337a32521f0432.opt-min.co.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 12 Jun 2024 05:04:26 GMT
/
elocallink.tv/e/ Frame F86D
0
0
Document
General
Full URL
https://elocallink.tv/e/?v=jVH&ap=1
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/themes/common/javascripts/vendor/jquery/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.57.205.124 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
www.elocallink.tv
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.pediatrics21.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jun 2024 05:04:26 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Transfer-Encoding
chunked
www-widgetapi.js
www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/
37 KB
13 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 00:38:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12617
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 04:18:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Jun 2025 00:38:50 GMT
nr-full-1.260.1.min.js
js-agent.newrelic.com/
91 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-full-1.260.1.min.js
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea5597dbadfb928211656a498ff992a01e24c9a12ed70241bba4c3e58a28eaae
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Origin
https://www.pediatrics21.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
TqyWXt082B_TfLo9tht_.Gf5FSj15H.7
content-encoding
br
via
1.1 varnish
date
Wed, 12 Jun 2024 05:04:27 GMT
strict-transport-security
max-age=300
x-amz-request-id
VN0YE9F9S9SHK7D5
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29588
x-amz-id-2
BOX+miMMm6l9uEqnEiGi6AWv/eTS5slU9A7MMEDb2r8Ubapa0zUWshyBsZUbhAO24GtH04H+zrY=
x-served-by
cache-fra-etou8220105-FRA
last-modified
Mon, 20 May 2024 17:44:48 GMT
server
AmazonS3
etag
"1e7180dea49635a15da0ed153d13331e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
28617
forms.min.css
smbleads.ibsmb.com/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://smbleads.ibsmb.com/css/forms.min.css?v1.150
Requested by
Host: smbleads.ibsmb.com
URL: https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:af4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550621bfceaa0b85facbddae16cedb37b06712319bce566dadd09db06089e5cf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:27 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
server-timing
dtSInfo;desc="1"
alt-svc
h3=":443"; ma=86400
content-length
1248
last-modified
Mon, 29 Apr 2024 18:49:18 GMT
server
cloudflare
etag
"acd-61740b5efc780"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVhp%2FOfUjTuDx34uJH3p5QWnOX%2B1z3QYrynSwECofbijBUR8OwES1OmVnibBrFMHY39v7x1kHe6XXead6lZBMn72oa%2BpDYf6S4ROxcUvpEEvjgvhUpQkbsSfNqz%2FuWn1wPWfhh74nBffK7qSd%2BXoKrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
accept-ranges
bytes
cf-ray
89274cdadc349136-FRA
favicon.ico
www.pediatrics21.com/
54 KB
20 KB
Other
General
Full URL
https://www.pediatrics21.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a62a0f969ead0e2434c0f047742167f0b6ea5dfab7d3c3311195d892bad793f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:27 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-webmgr-brand
officite
alt-svc
h3=":443"; ma=86400
x-webmgr-siteid
76831
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8ACvL8o%2Fp918CNMZ0L3C7PbLNXqnVhnHEjLOwNEo%2Fmg%2FL15o90OKRIExqQ965QytGvowzX5ICUuvd1y0dBr5ebI6nJwzU1dk4f1BUNovK9oT%2FLuAcooQk4lqHw55qBV71Dz4Q%2B71g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-webmgr-cache
MISS
cache-control
no-cache, private
x-webmgr-ple
1
x-webmgr
1
x-webmgr-theme
malleable
cf-ray
89274cdade921952-FRA
94778f977a
bam.nr-data.net/1/
148 B
708 B
XHR
General
Full URL
https://bam.nr-data.net/1/94778f977a?a=27163309&v=1.260.1&to=MlFUMhRZD0AEAkMPVgsbdwUSUQ5dSiJaFWUmWFcVFV0SbyYMRCVWC0BECQpUBEElE0II&rst=3557&ck=0&s=dbea3c0c56898c17&ref=https://www.pediatrics21.com/&ptid=999dd5c42617185a&af=err,xhr,stn,ins&ap=87&be=510&fe=2995&dc=319&at=HhZDRFxDHB9HABVcQhhJ&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1718168663817,%22n%22:0,%22f%22:212,%22dn%22:212,%22dne%22:212,%22c%22:212,%22s%22:212,%22ce%22:212,%22rq%22:228,%22rp%22:511,%22rpe%22:652,%22di%22:828,%22ds%22:829,%22de%22:829,%22dc%22:3501,%22l%22:3501,%22le%22:3505%7D,%22navigation%22:%7B%7D%7D&fp=798&fcp=798
Requested by
Host: www.pediatrics21.com
URL: https://www.pediatrics21.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bf8a7a4bee54413d2343f6c7d55ab715e9f9dd8e024e8f8c32c5e243bbef6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 12 Jun 2024 05:04:28 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.pediatrics21.com
access-control-expose-headers
Date
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
89274cdb78281a86-FRA
timing-allow-origin
https://www.pediatrics21.com
CampaignTracker.min.js
smbleads.ibsmb.com/js/
3 KB
2 KB
Script
General
Full URL
https://smbleads.ibsmb.com/js/CampaignTracker.min.js?v1.150
Requested by
Host: smbleads.ibsmb.com
URL: https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b3c0c563e2502e5d1b850ff9aa12d0ce53f82c43a53404339cc24e810e0a5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:27 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
server-timing
dtSInfo;desc="1"
alt-svc
h3=":443"; ma=86400
content-length
1331
last-modified
Mon, 29 Apr 2024 18:49:18 GMT
server
cloudflare
etag
"a65-61740b5efc780"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXj0muyW2bfOyoyOpQof06Gt0z%2FiUdezwLIgZ47BounI8XivA1Q6NsjoPsTsEAMfE0XV1WJf1yxX21JhiEuXWz%2BpvHYU%2F%2FINCBLNT9jolrKoebBEi1%2FuO6P0W0N51OhwTsncxLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89274cdbecf05d51-FRA
jquery.inputmask.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.1.62/
60 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.1.62/jquery.inputmask.bundle.min.js
Requested by
Host: smbleads.ibsmb.com
URL: https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6260eb521451d8fd6e177515e0b73e7a11c7eaaa38221999d3be27e6f7c2c1c1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
35833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16414
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-ef73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ounJS16uG491Jpb3hE%2FJUoNGo03PED1g65d463rBNd2ejjgROSapsCDrczLVQMIRD6wEtpoluBU3pElDDRnqraagzHXGdpT2Mec%2FsFjr0j745PPc2Y3qWM2Q2R44u5oY3BcOUFr1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89274cde1b9835df-FRA
expires
Mon, 02 Jun 2025 05:04:27 GMT
uploadField.min.js
smbleads.ibsmb.com/js/
4 KB
2 KB
Script
General
Full URL
https://smbleads.ibsmb.com/js/uploadField.min.js?v1.150
Requested by
Host: smbleads.ibsmb.com
URL: https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a1f913cdaaac5fde4d00dc5b8cc2ffd32fe8b491249774ad81e2b194a49b5d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:28 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
server-timing
dtSInfo;desc="1"
alt-svc
h3=":443"; ma=86400
content-length
1864
last-modified
Mon, 29 Apr 2024 18:49:18 GMT
server
cloudflare
etag
"ee2-61740b5efc780"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOypyGxbl3y3kBM5PtssyUdoNUtOiD2ueUpfZ4AL3FpXbHxyAxMUF4ZERaXv9pOaxXUMnmcTpc7NXobfVncPSDrPMwwpwDjogBj4M82fDAZhdY6dkPGVUObCIdJqJdGHg0Wrm%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89274cde6ee55d51-FRA
sweetalert.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/
17 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.js
Requested by
Host: smbleads.ibsmb.com
URL: https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
38110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4772
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-4251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLJQOvXkQd3EaE0iAkGFCXXe%2FLEjBJ0JSAiSfnzuEUOGwWUn1hdNf2GrD7ZsAwUIdOTZrpTEisqxjU8yjaVuBJXzUjoWYRVDP16X1kiZwCPfBQrKJ0UP2iTDsb5VexZytem%2Bh972"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89274ce07dfb35df-FRA
expires
Mon, 02 Jun 2025 05:04:28 GMT
sweetalert.min.css
cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/
16 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.css
Requested by
Host: smbleads.ibsmb.com
URL: https://smbleads.ibsmb.com/v1/leads/create_form/PBtfGWyM7_GXPd-vQQHEAiJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8975187e46d59798ad7786c09051f99a330437995df6ddce1ef5d7dc853c5315
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
129938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2728
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-41bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lb%2FgD3LGbgyRRgkMWlkgES1Orj1%2FSiS24fihthv7Sm2j1xoeowFnMW6LNTLZLSgzaZhG8vrncFa4UViwuizTkswvkjeqJyfKHhaONcFDF4pc%2FGem7sdZTdiJVXJZ5qfMqHD3FV%2FU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89274ce09e0835df-FRA
expires
Mon, 02 Jun 2025 05:04:28 GMT
common.js
maps.google.com/maps-api-v3/api/js/57/3a/intl/de_ALL/
257 KB
57 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/57/3a/intl/de_ALL/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCPi18lG_rd7of67jBJsJxGESX-KiXqcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
904bfa35be1af83324ea0cc98b28617fca8fa0788c06e7a14fd2370f1d133a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
64257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57607
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 22:23:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:13:32 GMT
util.js
maps.google.com/maps-api-v3/api/js/57/3a/intl/de_ALL/
182 KB
56 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/57/3a/intl/de_ALL/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCPi18lG_rd7of67jBJsJxGESX-KiXqcj4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0194c3453baea303f69f6cd3174105afafdcf1f199f35cbe7d6538bf7e92d042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.pediatrics21.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:36:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
62875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57119
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 22:23:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:36:34 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| NREUM object| webpackChunk:NRBA-1.260.1.PROD object| newrelic object| pagespeed string| baseUrlForMyPages function| $ function| jQuery string| _ctRewriteUrl object| _userway_config function| gtag object| dataLayer object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| SmbNumberChanger object| mql function| moreNav function| navigationSublevelWrap function| menuPrepare function| calcTotalMenuItemsWidth function| addMoreButton function| disableLinks object| jQuery111102766101275369406 object| ResponsiveHelper object| skrollr object| PLEStickyElements function| PLEStickyState function| swalTwo function| sweetAlert function| Sweetalert2 function| videojs object| vttjs function| VTTRegion function| WebVTT function| onYouTubeIframeAPIReady function| onYouTubeIframeAPIReadyYoutube undefined| Youtube function| $f function| Froogaloop function| Popper object| bootstrap function| ScrollReveal object| sr function| Cookies object| menuHolder number| menuHolderMaxWidth object| menu object| currentMenu number| currentMenuWidth number| menuChildrenCount string| origMenuContent object| moreButton object| allMenus object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| assetLoader object| CampaignTracker function| swal boolean| assetLoaderCompleted

6 Cookies

Domain/Path Name / Value
.officite.com/ Name: __cf_bm
Value: eNn95tPzLZVkLQh9_A_Pzr06yj4X2q9WD1fzM3OoXeY-1718168664-1.0.1.1-pwj315gk2GJPmqXeZHEFO7WcGo3wQoUp5YgBikpHy6iQ1iNboHkzIUGQLULf_7gXD8ZBqFl9QmD0buydCUKrlg
www.pediatrics21.com/ Name: ctdata
Value: []
.youtube.com/ Name: YSC
Value: gwqp9qpUSF0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: h01hAoz4dRE
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgMg%3D%3D
www.pediatrics21.com/ Name: october_session
Value: eyJpdiI6ImxmUFhSaDhDZ1dGdzZMQlJtd3FvMFE9PSIsInZhbHVlIjoicThFZXJLU3BGc2JneSt2ZzY4ZUFaSklQaGtqUkd4enZOR3oxbnJEVDJPVUF6OVNLNUF6WHdiSVpYMjZ0WmZnU1dNODhuU0hhcVFPb1JMdzhHUEp6Y2JtMUp5bUsvQ0pSUFRuZTFmYjgxZWtIRGNuNGlKK2Z0TE1ubUxyaU1VZkEiLCJtYWMiOiJmYzY5OTJhN2IwZTMyMTQ2YThkZjkxZDQ0ZGMxMjE1ZTc0ZWU1NmMzNDExZjk5NGYzM2E0ZTNjZjQ2NzViYzNjIiwidGFnIjoiIn0%3D

2 Console Messages

Source Level URL
Text
other warning URL: https://www.pediatrics21.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.pediatrics21.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.officite.com
bam.nr-data.net
cdcssl.ibsrv.net
cdnjs.cloudflare.com
elocallink.tv
fonts.gstatic.com
js-agent.newrelic.com
maps.google.com
maps.googleapis.com
pediatrics21.com
smbleads.ibsmb.com
unpkg.com
www.pediatrics21.com
www.youtube.com
104.17.25.14
162.247.241.14
172.67.162.212
172.67.175.78
2602:816:5001::39
2606:4700:3030::ac43:af4e
2606:4700:4400::6812:2aad
2606:4700:4400::6812:2bf2
2606:4700::6811:f5cb
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
50.57.205.124
0194c3453baea303f69f6cd3174105afafdcf1f199f35cbe7d6538bf7e92d042
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
49a3bacbf036fb0ecc6639729d9e7ad76d5e1631b18a7adcbe7d29b7d497d98a
4a62a0f969ead0e2434c0f047742167f0b6ea5dfab7d3c3311195d892bad793f
4c00a5866df3521c4fbdea6e4a89f37107df315bbe01af0be60f2aafb0f69b7c
52ff6a5a937796f1022052ef83acd74364e29b2f9153ef50808884d3a68f5525
550621bfceaa0b85facbddae16cedb37b06712319bce566dadd09db06089e5cf
59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5
6260eb521451d8fd6e177515e0b73e7a11c7eaaa38221999d3be27e6f7c2c1c1
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9
714dd3984695c0c2d06da6537e8b928ceb7aad09dabe959566b91187f3aff119
76707ab9be14f9b16bc537a99c9365cec0dda235202696bc322c412994708db6
77bf8a7a4bee54413d2343f6c7d55ab715e9f9dd8e024e8f8c32c5e243bbef6e
79b3c0c563e2502e5d1b850ff9aa12d0ce53f82c43a53404339cc24e810e0a5c
7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7
7dd49b6cbe45132cffe6caad0e3277d79db4846bc3b9244a7fbb8e2ea7f7d5c1
8975187e46d59798ad7786c09051f99a330437995df6ddce1ef5d7dc853c5315
904bfa35be1af83324ea0cc98b28617fca8fa0788c06e7a14fd2370f1d133a96
917afaa7d48fb8be379215c867aa04c03f95200d260b4c69cebedeff82bc4753
91a1f913cdaaac5fde4d00dc5b8cc2ffd32fe8b491249774ad81e2b194a49b5d
959c726aec1265685399599b8b1318317f25ceaad80a23acf5bd7402d3c20696
97dc3c7f073a6f041bc3b8c19a6d1042a9e710466013f3917af08dc959565cd9
9c83aac7258dabd113c3c12507d5e37540ee86ab5ec40a58336700b944549e7c
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
a1a8b04896a0674895fc6f89e0b6e380551e50d1fe87c0ea8234ccb75db94530
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1
c6f58c7c0f986ac5db9f5eec088715a988f7b996b33f9d3f5fc48265ef1e4c8b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d949546b5735db6b378ddbcd7263102703b81e627bce9be9fb2a1a9d7fee52df
e0c477e68660b7515eda8a0ae1d120b5fee6a42ec678fe9099bcb07ce9d896b7
ea5597dbadfb928211656a498ff992a01e24c9a12ed70241bba4c3e58a28eaae
ebee2269c9d2fb4c5eb0998dc2445df27ee2e60e4881710720a9b8b2b2d9948a
f21691376542b3602de2ce5f293b3b3c6c4bd48df7032211452f4d4ba43f0288
f7ba0cb6b9eaf1d9082e64213b35c76be267611d788d537d15372e5731733968
fca0b67fb972bb440b8b49fceee5198d80b30eb6d1e31099d896562cd7ac6b28