www.cermakimmediatecare.com
2600:9000:2057:2c00:9:eb3d:6fc0:93a1  Public Scan

Submitted URL: http://www.cermakimmediatecare.com/
Effective URL: https://www.cermakimmediatecare.com/
Submission Tags: falconsandbox
Submission: On November 17 via api from US

Summary

This website contacted 19 IPs in 4 countries across 11 domains to perform 31 HTTP transactions. The main IP is 2600:9000:2057:2c00:9:eb3d:6fc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.cermakimmediatecare.com.
TLS certificate: Issued by Amazon on July 29th 2020. Valid for: a year.
This is the only time www.cermakimmediatecare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
6 | sa1s3optim.patientpop.com | www.cermakimmediatecare.com
5 | sa1s3.patientpop.com | www.cermakimmediatecare.com
2 | legacy.patientpop.com | www.cermakimmediatecare.com
2 | bam.nr-data.net | js-agent.newrelic.com, www.cermakimmediatecare.com
2 | www.google-analytics.com | www.cermakimmediatecare.com
2 | s3.amazonaws.com | www.googletagmanager.com, s3.amazonaws.com
2 | fonts.gstatic.com | www.cermakimmediatecare.com
2 | www.googletagmanager.com | www.cermakimmediatecare.com
2 | www.cermakimmediatecare.com | 1 redirects
1 | patient.klara.com | s3.amazonaws.com
1 | widget.klara.com | www.cermakimmediatecare.com
1 | stats.g.doubleclick.net | www.cermakimmediatecare.com
1 | widgets.patientpop.com | www.cermakimmediatecare.com
1 | js-agent.newrelic.com | www.cermakimmediatecare.com
1 | cdn.polyfill.io | s3.amazonaws.com
1 | sa1co.patientpop.com | www.cermakimmediatecare.com
Total: 31 requests, 16 subdomains

This site contains links to these domains.

Domain
cic.nthtechnology.com
www.solvhealth.com
www.google.com

Subject | Issuer | Validity | Valid for
*.cermakimmediatecare.com | Amazon | 2020-07-29 - 2021-08-29 | a year
patientpop.com | Amazon | 2020-02-15 - 2021-03-15 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-08-04 - 2021-08-09 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-23 - 2021-05-07 | 6 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years
widget.klara.com | Let's Encrypt Authority X3 | 2020-10-27 - 2021-01-25 | 3 months
*.klara.com | Amazon | 2020-10-08 - 2021-11-07 | a year

This page contains 3 frames:

Primary Page: https://www.cermakimmediatecare.com/
Frame ID: DDD3C679A0C313E9A067B9283DB127E0
Requests: 29 HTTP requests in this frame

Frame: https://s3.amazonaws.com/widget-frontend.klara.com/style.css
Frame ID: 0577E9BA6E00E76D0EADEB623041B75D
Requests: 1 HTTP requests in this frame

Frame: https://patient.klara.com/
Frame ID: FE14B2C1C30C9AA7D2BDE40FB3D5D325
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 50 %
Domains: 11
Subdomains: 16
IPs: 19
Countries: 4
Transfer: 758 kB
Size: 1627 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cermakimmediatecare.com/ HTTP 301
    https://www.cermakimmediatecare.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cermakimmediatecare.com/
Redirect Chain
  • http://www.cermakimmediatecare.com/
  • https://www.cermakimmediatecare.com/
428 KB
86 KB
Document
General
Full URL
https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2c00:9:eb3d:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
63529c04964e6e7346db87bd4c4baa156ef88bbb1e02df7550a628a21ed3179c

Request headers

:method
GET
:authority
www.cermakimmediatecare.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Tue, 17 Nov 2020 15:00:03 GMT
server
nginx/1.18.0
x-ua-compatible
IE=edge,chrome=1
cache-control
max-age=3600, public
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
5bbrqqezZH3R8Lz746MZ4cOkLiQW0gWuBKbDVko0Y58Q7Q-qRKbGfA==

Redirect headers

Server
CloudFront
Date
Tue, 17 Nov 2020 15:00:02 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://www.cermakimmediatecare.com/
X-Cache
Redirect from cloudfront
Via
1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
Sm11b9gmC2DfAutDkhbvqP5k-qG6OF5qznpDPq0ChhvGtbyP-kZ8iw==
1832709.png
sa1s3optim.patientpop.com/assets/images/provider/photos/
4 KB
4 KB
Image
General
Full URL
https://sa1s3optim.patientpop.com/assets/images/provider/photos/1832709.png
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:dc00:d:3b9f:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1bce8c7e9ba03e48454ea0adab18526500569f0df052fa9524ec9dfbf7a543b6

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 05:39:40 GMT
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront), 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag
"5100154c438e6b2de7658bfe28678cab2e11a4e6"
x-amzn-remapped-date
Wed, 11 Nov 2020 05:39:40 GMT
age
552023
x-amzn-requestid
b4ffe0ba-f4bf-47e8-82a8-ee5b44f20216
x-cache
Hit from cloudfront
status
200
x-amz-apigw-id
V0_ceG4lIAMFctw=
content-length
3704
x-amzn-trace-id
Root=1-5fab791c-39d682737ad4f8da0cdca1b6;Sampled=0
content-type
image/png
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA53-C1, FRA6-C1
x-amz-cf-id
LqCfyvdQ-QROO6_RPYIXh9ohXosHcblBz--3fQu_23p2CUEuB_85IA==
expires
Thu, 11 Nov 2021 05:39:40 GMT
gtm.js
www.googletagmanager.com/
72 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZMXMW4
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c1fe9ecfadec6b3fc82f518bc1af8d63b62c47396086313e2ee0d98bdb1defc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 15:00:03 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28907
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Nov 2020 15:00:03 GMT
56560.png
sa1s3optim.patientpop.com/assets/docs/
4 KB
4 KB
Image
General
Full URL
https://sa1s3optim.patientpop.com/assets/docs/56560.png
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:dc00:d:3b9f:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd9da87d98d46b88ef460efa94a0dce1390ccdec6e1cce275983c9c36074c9d4

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 14:30:00 GMT
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront), 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag
"e49c4a0e76b00b61557a0a23dc40b5c3e1bdf2d3"
x-amzn-remapped-date
Thu, 12 Nov 2020 14:29:59 GMT
age
433803
x-amzn-requestid
0853a1cf-3d33-4070-bd2e-279d452b94ca
x-cache
Hit from cloudfront
status
200
x-amz-apigw-id
V5gEQFX1IAMFn2A=
content-length
3700
x-amzn-trace-id
Root=1-5fad46e7-30e0b3696421034b6aa3dfaf;Sampled=0
content-type
image/png
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA53-C1, FRA6-C1
x-amz-cf-id
sbDChi2liG3vkVkDZ-tNrmOE4e_Zw5FiSF48vYJ2ckRCFpvSZUV1xg==
expires
Fri, 12 Nov 2021 14:30:00 GMT
56566.gif
sa1s3optim.patientpop.com/assets/docs/
10 KB
10 KB
Image
General
Full URL
https://sa1s3optim.patientpop.com/assets/docs/56566.gif
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:dc00:d:3b9f:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d50f8b22df8fbd25e09018f3b3a930c9a0b560f38c1b4eeabb5f900285402721

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 14:30:00 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront), 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag
"a810b981000a9caa54a7a5a81c4a9d775baed98e"
x-amzn-remapped-date
Thu, 12 Nov 2020 14:29:59 GMT
age
433803
x-amzn-requestid
d5e1c038-07a6-400f-87ac-62a8746ee50a
x-cache
Hit from cloudfront
status
200
x-amz-apigw-id
V5gEQFAWoAMF21w=
content-length
9872
x-amzn-trace-id
Root=1-5fad46e7-7ac6d7e757a5543e26ed41d7;Sampled=0
content-type
image/gif
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA53-C1, FRA6-C1
x-amz-cf-id
XxEkAFqBX21c6n88hyp2QoiWpbTBA8mR2RlFaJFvcDdbs_c7-DvQyw==
expires
Fri, 12 Nov 2021 14:30:00 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
1832741.jpg
sa1s3optim.patientpop.com/assets/production/practices/7d7b5fd196965e1efd4573f26f6791c0bb654489/images/
88 KB
89 KB
Image
General
Full URL
https://sa1s3optim.patientpop.com/assets/production/practices/7d7b5fd196965e1efd4573f26f6791c0bb654489/images/1832741.jpg
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:dc00:d:3b9f:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7fada91d7d8c15208e95e584496649d5c9ae50ba96359f4c53da02871ba89b48

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 06:00:24 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront), 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag
"40a2ef22263d9e71a454b62d860ae476d108f186"
x-amzn-remapped-date
Sat, 14 Nov 2020 06:00:24 GMT
age
291579
x-amzn-requestid
11c30ada-d01c-4448-b3b7-07ec6c85987d
x-cache
Hit from cloudfront
status
200
x-amz-apigw-id
V-7S1Gv2IAMF6cg=
content-length
90160
x-amzn-trace-id
Root=1-5faf7278-18370a6570dfc336086e2899;Sampled=0
content-type
image/jpeg
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA53-C1, FRA6-C1
x-amz-cf-id
ciI_qTVAUDGTIlvMRNtEz4Y3AsCXJ8IxhoJCKTy-uCaIlHvCCzroxA==
expires
Sun, 14 Nov 2021 06:00:24 GMT
OpenSans-Bold-webfont.woff
sa1s3.patientpop.com/assets/fonts/provider/
22 KB
22 KB
Font
General
Full URL
https://sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Bold-webfont.woff
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-97.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

Request headers

Origin
https://www.cermakimmediatecare.com
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 19:45:47 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
vary
Origin
age
155657
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
22432
last-modified
Thu, 14 Mar 2019 18:43:46 GMT
server
AmazonS3
etag
"2e90d5152ce92858b62ba053c7b9d2cb"
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
k6Wj.CSOe9sBIcAZsBytANULsMRx8KOO
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
PNxg46sMftj8ftoCczxpkxtOxukWvF70KM9dOCDXdP6uVQC05tvF8g==
OpenSans-Regular-webfont.woff
sa1s3.patientpop.com/assets/fonts/provider/
22 KB
23 KB
Font
General
Full URL
https://sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Regular-webfont.woff
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-97.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Request headers

Origin
https://www.cermakimmediatecare.com
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 19:45:47 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
vary
Origin
age
155657
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
22660
last-modified
Thu, 14 Mar 2019 18:44:13 GMT
server
AmazonS3
etag
"79515ad0788973c533405f7012dfeccd"
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
7N0CRiXKIkKkxel8gxz35HY45qfxEWkK
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
rnpB8vONI8Apjeyc2fGQGeTjdqmuTHj5qwi0mmYXZK6ns_zdqIhNfQ==
pp-font-awesome-atomic-subset.woff
sa1s3.patientpop.com/assets/fonts/pp-atomic-fonts/
24 KB
25 KB
Font
General
Full URL
https://sa1s3.patientpop.com/assets/fonts/pp-atomic-fonts/pp-font-awesome-atomic-subset.woff
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-97.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6aea627104aee00f7759a73fdf71add52a713b5f11af2eddb7f116643068ad9a

Request headers

Origin
https://www.cermakimmediatecare.com
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 10:58:45 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
vary
Origin
age
705679
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
24680
last-modified
Thu, 14 Mar 2019 18:45:36 GMT
server
AmazonS3
etag
"b6d676750b43911df2982d49aaf549fa"
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
pvMYvRo.QqGNbBMGvBQf1ivrbLs2q00T
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
n5m99r5Z5jG7v95hF5m40csf-3Q9_yqq3xMFOYiHSVTigtwKsuw92A==
OpenSans-Light-webfont.woff
sa1s3.patientpop.com/assets/fonts/provider/
22 KB
22 KB
Font
General
Full URL
https://sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Light-webfont.woff
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-97.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2

Request headers

Origin
https://www.cermakimmediatecare.com
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 04:48:47 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
vary
Origin
age
1332677
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
22248
last-modified
Thu, 14 Mar 2019 18:43:25 GMT
server
AmazonS3
etag
"45b47f3e9c7d74b80f5c6e0a3c513b23"
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
G9Ry2j5bJn94lMDZYkt2jvIA.9LxU5BO
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
Ia9ILxoVJL1s_3soKIV6gsq3lE03uoGwD3Fl8z8uIj8MI4C9QtmagQ==
lEjOv129Q3iN1tuqWOeRBgLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v13/lEjOv129Q3iN1tuqWOeRBgLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12da975df4412a92b22fb948fcad5f6ce22179587d733b6dcdc0700a91b9b811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cermakimmediatecare.com
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 21:27:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Feb 2017 19:14:07 GMT
server
sffe
age
63162
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Tue, 16 Nov 2021 21:27:21 GMT
22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/lato/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v13/22JRxvfANxSmnAhzbFH8PgLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8399cfb4dc050044637c68f695ff244ba69e1e2176385554213d029d39c2ad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.cermakimmediatecare.com
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 19:30:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Feb 2017 19:14:12 GMT
server
sffe
age
415801
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13680
x-xss-protection
0
expires
Fri, 12 Nov 2021 19:30:02 GMT
e2b467d8e2851366d6ee8c0d825f1ff218a6967d
sa1co.patientpop.com/assetsV/practice.application.js/v/
276 KB
90 KB
Script
General
Full URL
https://sa1co.patientpop.com/assetsV/practice.application.js/v/e2b467d8e2851366d6ee8c0d825f1ff218a6967d
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-38.fra6.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
ca746622776ff5c7e60d44e6a6e77703b8ab3c16da918a5ccce838fd601ef6f9

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 11 Nov 2020 00:34:03 GMT
content-encoding
gzip
server
nginx/1.18.0
age
570360
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
DstWcsP_wxVvzCbBvR1bB95IL-_7P-ZW2YlaVOUrUtjM6YqIcl4sgQ==
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
x-ua-compatible
IE=edge,chrome=1
gtm.js
www.googletagmanager.com/
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DB2FJB
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cbeaa7667c3334f8404ccaf65abc973b89d5c63d2e92be5d1cb49551ba9b152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 15:00:03 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32215
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Nov 2020 15:00:03 GMT
bundle.js
s3.amazonaws.com/widget-frontend.klara.com/
48 KB
48 KB
Script
General
Full URL
https://s3.amazonaws.com/widget-frontend.klara.com/bundle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZMXMW4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.227.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
34daa22666c8163bf8c1ee39f2078f670ac20f55b50aa9b607a63a9ec449e95b

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 17 Nov 2020 15:00:05 GMT
Last-Modified
Mon, 09 Nov 2020 10:44:55 GMT
Server
AmazonS3
x-amz-request-id
74A4899EB190E229
ETag
"495b3f6ab3ad2917d36e821567a484ac"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
49251
x-amz-id-2
7BF9pFZ1Al9WACwc28unP+5n6ODgtxEA3SXnhqPf4KSxZiNN80Py4ryiSpwb3A9qdb6xfHAA5Us=
polyfill.min.js
cdn.polyfill.io/v2/
222 B
639 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/widget-frontend.klara.com/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1120595
detected-user-agent
Chrome Mobile/83.0.4103
status
200
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=760, HIT-WAIT-CLUSTER, fastly;desc="Edge time";dur=766, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Wed, 04 Nov 2020 15:43:07 GMT
date
Tue, 17 Nov 2020 15:00:04 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
nr-1184.min.js
js-agent.newrelic.com/
27 KB
11 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 15:00:04 GMT
content-encoding
gzip
x-amz-request-id
DCAF92F89A2CA027
x-cache
HIT
status
200
content-length
10624
x-amz-id-2
TRHerhVqdOKsza8E2v00gPT2CAbWzfpInLOFmUaGEwIXQEnp+g+VCzJEiqRyaVzOv5v636FnSaM=
x-served-by
cache-fra19126-FRA
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1605625205.500095,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
7193
15040
widgets.patientpop.com/bookonlinev2/router/
292 KB
94 KB
Script
General
Full URL
https://widgets.patientpop.com/bookonlinev2/router/15040
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.87.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-87-164.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
97b7c2a44fe01a4962f42ff0b4809ac98e18a9fc5fad10862d0c53ade0173b1c

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 15:00:04 GMT
content-encoding
gzip
last-modified
1605052600
server
nginx/1.18.0
content-type
application/javascript
status
200
cache-control
no-cache
x-robots-tag
noindex, nofollow
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4240
date
Tue, 17 Nov 2020 13:49:24 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 17 Nov 2020 15:49:24 GMT
collect
stats.g.doubleclick.net/j/
1 B
93 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-71718129-42&cid=613869287.1605625204&jid=1787623345&gjid=56346631&_gid=1455347778.1605625204&_u=IGBAgEABAAAAAE~&z=634025368
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 17 Nov 2020 15:00:04 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.cermakimmediatecare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
384 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1789774640&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cermakimmediatecare.com%2F&ul=en-us&de=UTF-8&dt=Cermak%20Immediate%20Care%3A%20Immediate%20Care%20Cicero%2C%20IL%20%E2%80%94%C2%A0Welcoming%20Patients%20from%20Chicago%2C%20Cicero%2C%20and%20Surrounding%20Areas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1787623345&gjid=56346631&cid=613869287.1605625204&tid=UA-71718129-42&_gid=1455347778.1605625204&z=1970414434
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Nov 2020 09:07:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21156
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
78817c6582
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/78817c6582?a=333407958&v=1184.ab39b52&to=YlZSMUdXWkEAW0xZV1sccQZBX1tcTkhKUVtBWlMAal5bXwRIWVdd&rst=2034&ck=1&ref=https://www.cermakimmediatecare.com/&ap=434&be=1036&fe=1933&dc=1289&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1605625202487,%22n%22:0,%22f%22:64,%22dn%22:65,%22dne%22:65,%22c%22:65,%22s%22:69,%22ce%22:92,%22rq%22:92,%22rp%22:1010,%22rpe%22:1092,%22dl%22:1018,%22di%22:1290,%22ds%22:1290,%22de%22:1291,%22dc%22:1933,%22l%22:1933,%22le%22:1976%7D,%22navigation%22:%7B%7D%7D&fp=1147&fcp=1297&at=ThFRRw9NSU8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
style.css
s3.amazonaws.com/widget-frontend.klara.com/ Frame 0577
4 KB
5 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/widget-frontend.klara.com/style.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/widget-frontend.klara.com/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.227.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
65e821dde171bc3e574d26ee08ecac649a4691db143f9e7233f5b6b6ccb167bf

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 17 Nov 2020 15:00:05 GMT
Last-Modified
Mon, 09 Nov 2020 10:44:55 GMT
Server
AmazonS3
x-amz-request-id
1EA4EFE09EA73404
ETag
"66d7af2fd8b8c9bb0b4c6df00c8fd2d1"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4538
x-amz-id-2
TY/fa35eBlu+/DjlbUbWpF5N+LYhvEJ0tZX/21pH5KpsRIaF+Zi7dyH/VaRiI92Tdq060n6QOEY=
team_info
widget.klara.com/
356 B
574 B
Fetch
General
Full URL
https://widget.klara.com/team_info?widget_id=5bbb4603-6a24-4a8c-af90-cb3958b2148a&limit=3
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.103.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-103-41.compute-1.amazonaws.com
Software
nginx /
Resource Hash
454ab97ac5fdfc620b4be670be7686bd9e6505988dd90b1aea6bd77f2e6de83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 15:00:05 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
strict-transport-security
max-age=31536000
e2b467d8e2851366d6ee8c0d825f1ff218a6967d
legacy.patientpop.com/widgets/bookonline/template/ Frame
0
0
Other
General
Full URL
https://legacy.patientpop.com/widgets/bookonline/template/e2b467d8e2851366d6ee8c0d825f1ff218a6967d
Protocol
H2
Server
52.202.114.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-114-196.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin
Origin
https://www.cermakimmediatecare.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Tue, 17 Nov 2020 15:00:05 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.cermakimmediatecare.com
access-control-max-age
3600
access-control-allow-methods
POST, GET
access-control-allow-headers
ACCESS-CONTROL-ALLOW-ORIGIN
content-encoding
gzip
e2b467d8e2851366d6ee8c0d825f1ff218a6967d
legacy.patientpop.com/widgets/bookonline/template/
19 KB
5 KB
XHR
General
Full URL
https://legacy.patientpop.com/widgets/bookonline/template/e2b467d8e2851366d6ee8c0d825f1ff218a6967d
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.114.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-114-196.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
24eec647b9c27b8b88946d9b3cc72f54afee7881988cb396fddfecf0690cf5af

Request headers

Access-Control-Allow-Origin
*
Accept
*/*
Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 15:00:05 GMT
content-encoding
gzip
server
nginx/1.18.0
status
200
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cermakimmediatecare.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
/
patient.klara.com/ Frame FE14
0
0
Document
General
Full URL
https://patient.klara.com/
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/widget-frontend.klara.com/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.177.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-177-99.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
patient.klara.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
last-modified
Mon, 16 Nov 2020 11:48:37 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 17 Nov 2020 15:00:06 GMT
etag
"466d99ea9e8bae744dc2771130dd61a0"
cache-control
no-cache
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 62e8d9c8c3a2ceb2c8a9fa0c9a6bcd8e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
h3VrT-LQD6Rw_d5kDfO6WPTgdQSk8Fvi5fMaWyUyHLZD7J0EL2J5GQ==
photo.jpg
sa1s3.patientpop.com/assets/images/provider/photos/
375 B
747 B
Image
General
Full URL
https://sa1s3.patientpop.com/assets/images/provider/photos/photo.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-97.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ebe136987db140b13afd1f5385bce2c45e943c36bdf2910fa907518b982ed3b

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
last-modified
Thu, 26 May 2016 18:11:48 GMT
server
AmazonS3
age
505696
etag
"cb555ce50e5b99fa8c712e8a7084ee88"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
date
Wed, 11 Nov 2020 18:31:50 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
375
x-amz-cf-id
6HcAFUsDz2BSmTjitRfVIUaMrMHKBHP83Jko7A4M-KP1f46PyQpNkQ==
1863421.jpg
sa1s3optim.patientpop.com/assets/production/practices/7d7b5fd196965e1efd4573f26f6791c0bb654489/images/
60 KB
61 KB
Image
General
Full URL
https://sa1s3optim.patientpop.com/assets/production/practices/7d7b5fd196965e1efd4573f26f6791c0bb654489/images/1863421.jpg
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:dc00:d:3b9f:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f8073501029712576c6adcadd3cee99e17fa70faddb9ecd037f13e44120ba843

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 14:30:15 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront), 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag
"6a6117bba08f83f8d4274dc686eae6dcf6d2a16c"
x-amzn-remapped-date
Thu, 12 Nov 2020 14:30:15 GMT
age
433793
x-amzn-requestid
60a8fec6-5ddb-4e13-b4d7-1f2d53a5c654
x-cache
Hit from cloudfront
status
200
x-amz-apigw-id
V5gGsFrhoAMFr9A=
content-length
61562
x-amzn-trace-id
Root=1-5fad46f7-76b448ab5580ee8a29e684fe;Sampled=0
content-type
image/jpeg
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA53-C1, FRA6-C1
x-amz-cf-id
eEtbPWIgD6lbdpc3HwAI6_6dB-ISXAynmlpNjkSH6jMjBB44bP8s8g==
expires
Fri, 12 Nov 2021 14:30:15 GMT
1863422.jpg
sa1s3optim.patientpop.com/assets/production/practices/7d7b5fd196965e1efd4573f26f6791c0bb654489/images/
49 KB
50 KB
Image
General
Full URL
https://sa1s3optim.patientpop.com/assets/production/practices/7d7b5fd196965e1efd4573f26f6791c0bb654489/images/1863422.jpg
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:dc00:d:3b9f:2e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8a50a2327bd12c7869c7e1e62e6172267aa521187a5c8127f87f654506979b79

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 14:30:20 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront), 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
etag
"1e9185c024bb317957f5523e98ead5a70c8cd3d6"
x-amzn-remapped-date
Thu, 12 Nov 2020 14:30:20 GMT
age
433793
x-amzn-requestid
dc2458d4-b52c-479b-b16d-822620cbd221
x-cache
Hit from cloudfront
status
200
x-amz-apigw-id
V5gHYGYYoAMFU2w=
content-length
50653
x-amzn-trace-id
Root=1-5fad46fb-50e33c2005f7e42a0f1b5edd;Sampled=0
content-type
image/jpeg
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA53-C1, FRA6-C1
x-amz-cf-id
ApCFzVmB7po1OFPAV_wHFEgf_z6MMNqQZhWF63qRXZaJ8VNru0OsHw==
expires
Fri, 12 Nov 2021 14:30:20 GMT
78817c6582
bam.nr-data.net/events/1/
24 B
194 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/78817c6582?a=333407958&v=1184.ab39b52&to=YlZSMUdXWkEAW0xZV1sccQZBX1tcTkhKUVtBWlMAal5bXwRIWVdd&rst=12034&ck=1&ref=https://www.cermakimmediatecare.com/
Requested by
Host: www.cermakimmediatecare.com
URL: https://www.cermakimmediatecare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.cermakimmediatecare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.cermakimmediatecare.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif


59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
object| NREUM
object| newrelic
function| __nr_require
number| startTime
object| dataLayer
string| recaptcha_public_key
function| d
function| yall
number| endTime
boolean| callTrackingEnabled
object| google_tag_manager
object| klaraWidget
function| checkForNonLoadedIframes
function| Hashids
number| triggeredSlide
object| pop
function| $
function| jQuery
function| googleMapsScriptLoaded
object| jQuery111109790460388672899
function| _
function| Chosen
function| getCookie
function| setCookie
function| validateDate
function| validatePhone
function| isValidEmailAddress
function| timeInMinutes
function| getUrlParameters
function| getUrlParameter
function| clone
function| isIE9OrBelow
function| goToByScroll
function| brightenColor
function| rgb2hex
object| patientpop
function| recaptchaCallback
number| PPoppracticeId
string| PPoppracticeUuid
object| PPop
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| __core-js_shared__
function| moment
number| pos

0 Cookies

2 Console Messages

Source Level URL Text
console-api log https://www.cermakimmediatecare.com/ (Line 11597) 151.77999809384346
console-api log https://www.cermakimmediatecare.com/ (Line 11602) [object PerformanceMeasure]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
