pca00118.itsahappyclient.com
2606:4700:3032::681c:4a  Public Scan

URL: https://pca00118.itsahappyclient.com/
Submission: On February 22 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3032::681c:4a, located in United States and belongs to CLOUDFLARENET, US. The main domain is pca00118.itsahappyclient.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 11th 2020. Valid for: 8 months.
This is the only time pca00118.itsahappyclient.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
28 | pca00118.itsahappyclient.com | pca00118.itsahappyclient.com, www.google-analytics.com
3 | use.typekit.net | pca00118.itsahappyclient.com
2 | www.google.com | crm.bloomerang.co, www.gstatic.com
2 | js.stripe.com | crm.bloomerang.co, js.stripe.com
2 | api.bloomerang.co | pca00118.itsahappyclient.com
2 | ajax.aspnetcdn.com | crm.bloomerang.co
2 | crm.bloomerang.co | s3-us-west-2.amazonaws.com, crm.bloomerang.co
2 | www.google-analytics.com (1 redirects) | www.googletagmanager.com
1 | www.gstatic.com | www.google.com
1 | p.typekit.net | pca00118.itsahappyclient.com
1 | stats.g.doubleclick.net | pca00118.itsahappyclient.com
1 | s3-us-west-2.amazonaws.com | pca00118.itsahappyclient.com
1 | www.googletagmanager.com | pca00118.itsahappyclient.com
47 13

This site contains links to these domains.

Domain
goo.gl
www.facebook.com
twitter.com
www.instagram.com
itsahappymedium.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-02-11 - 2020-10-09 | 8 months
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years
*.s3-us-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2020-12-10 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.bloomerang.co | Go Daddy Secure Certificate Authority - G2 | 2019-09-26 - 2020-09-29 | a year
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2018-03-30 - 2020-03-30 | 2 years
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2020-02-12 - 2020-06-03 | 4 months
www.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months

This page contains 3 frames:

Primary Page: https://pca00118.itsahappyclient.com/
Frame ID: 2992E560F164FD99576071FD412AB61B
Requests: 45 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 785980E1094D5873177E1ABD423D1BC6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_MLoUAAAAAA9S3oEsQguJCG-tHNb4s1aabeOq&co=aHR0cHM6Ly9wY2EwMDExOC5pdHNhaGFwcHljbGllbnQuY29tOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=normal&cb=ogohembw0cf1
Frame ID: F747793F25A8870C68E36A1156D5DDD3
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

47 Requests
100 % HTTPS
50 % IPv6
11 Domains
13 Subdomains
12 IPs
4 Countries
1050 kB Transfer
1886 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=985379073&t=pageview&_s=1&dl=https%3A%2F%2Fpca00118.itsahappyclient.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Prevent%20Child%20Abuse%20Iowa&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=800209466&gjid=1492554395&cid=1013788974.1582343679&tid=UA-20386313-1&_gid=102035860.1582343679&_r=1&gtm=2ou2c0&z=197885730 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-20386313-1&cid=1013788974.1582343679&jid=800209466&_gid=102035860.1582343679&gjid=1492554395&_v=j81&z=197885730

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pca00118.itsahappyclient.com/
28 KB
6 KB
Document
General
Full URL
https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
186cbdb84877de84021263d45f3465e788ef7ca912135eb861c5ad6771e566ab

Request headers

:method
GET
:authority
pca00118.itsahappyclient.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sat, 22 Feb 2020 03:54:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddd9665d10a7d1fcf867fccba165da2f81582343678; expires=Mon, 23-Mar-20 03:54:38 GMT; path=/; domain=.itsahappyclient.com; HttpOnly; SameSite=Lax
link
<https://pca00118.itsahappyclient.com/wp-json/>; rel="https://api.w.org/", <https://pca00118.itsahappyclient.com/>; rel=shortlink
vary
Accept-Encoding
x-ua-compatible
IE=Edge,chrome=1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
568e0515aa56d6d5-FRA
content-encoding
br
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20386313-1
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6068439204859409723f802f073bee7c5bfcf36b233922a164e5b0a69b24b512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28492
x-xss-protection
0
last-modified
Sat, 22 Feb 2020 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Feb 2020 03:54:38 GMT
head.min.js
pca00118.itsahappyclient.com/content/themes/pca00118/js/
19 KB
7 KB
Script
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/js/head.min.js
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b715ba05fe9139ab6e9fffda783b104f81772f33af60958ef08d4eb488a5f8cf

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"4bfc-594e40b751bbe-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee59d6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
style.min.css
pca00118.itsahappyclient.com/wordpress/wp-includes/css/dist/block-library/
25 KB
4 KB
Stylesheet
General
Full URL
https://pca00118.itsahappyclient.com/wordpress/wp-includes/css/dist/block-library/style.min.css?ver=5.1.4
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Mar 2019 00:27:30 GMT
server
cloudflare
etag
W/"629a-583eedefb0080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee58d6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
svgs-attachment.css
pca00118.itsahappyclient.com/content/plugins/svg-support/css/
222 B
184 B
Stylesheet
General
Full URL
https://pca00118.itsahappyclient.com/content/plugins/svg-support/css/svgs-attachment.css?ver=5.1.4
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Apr 2018 22:37:54 GMT
server
cloudflare
etag
W/"de-56a271b123480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee5cd6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
style.css
pca00118.itsahappyclient.com/content/themes/pca00118/
174 KB
23 KB
Stylesheet
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8707eceabdeb946d5aa697f5b13ef6b4df8dbdf983b9e27e50161bb86bf8d96c

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:48 GMT
server
cloudflare
etag
W/"2b8b4-594e40b67601e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee5dd6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
jquery.js
pca00118.itsahappyclient.com/wordpress/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://pca00118.itsahappyclient.com/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:43:04 GMT
server
cloudflare
etag
W/"17a69-594e413881ffe-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee5fd6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
jquery-migrate.min.js
pca00118.itsahappyclient.com/wordpress/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://pca00118.itsahappyclient.com/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Mar 2019 00:27:30 GMT
server
cloudflare
etag
W/"2748-583eedefb0080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee61d6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
svgs-inline-min.js
pca00118.itsahappyclient.com/content/plugins/svg-support/js/min/
1 KB
612 B
Script
General
Full URL
https://pca00118.itsahappyclient.com/content/plugins/svg-support/js/min/svgs-inline-min.js?ver=1.0.0
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e0d4e432c51d6b82047befba23bfd5597790b88cbcdfe1ec21dee7195e8399

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Apr 2018 00:51:58 GMT
server
cloudflare
etag
W/"493-56a14dcb08780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0518ee62d6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
hlu6pql.css
use.typekit.net/
3 KB
919 B
Stylesheet
General
Full URL
https://use.typekit.net/hlu6pql.css
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
76a44f6ccde1ad1c89f8fb0d2fed7d25ae4923208b2aaf2f262dc13a572ee6d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Sat, 22 Feb 2020 03:54:39 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
720
logo_header.svg
pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/
19 KB
7 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/logo_header.svg
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc099f0d949a26aff47da374ffa30959907dacc26e451ad62d92c2b047f286d

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"4a28-594e40b74027e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519dfccd6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
1567744.js
s3-us-west-2.amazonaws.com/bloomerang-public-cdn/preventchildabuseiowa/.widget-js/
3 KB
3 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/bloomerang-public-cdn/preventchildabuseiowa/.widget-js/1567744.js
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.236.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e1806f61b9ff081255201a782193aa244cfca4ccdad513af7c41ccd886d6f0d6

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 22 Feb 2020 03:54:40 GMT
Last-Modified
Mon, 28 Oct 2019 18:50:44 GMT
Server
AmazonS3
x-amz-request-id
82FD4F97D5DC3648
ETag
"3de03412eaa367e079d72fd93a1f2164"
Content-Type
text/javascript
Content-Length
2905
Accept-Ranges
bytes
x-amz-version-id
0G1Sdw1GJwB6jP.Dy2hwxJDfnk529N4I
x-amz-id-2
9q+JmwxCF7imIpaf4DFsy7u7m64ACrG87wJeAZW+OA0U58yYArmiWZVkklNQZs0I+8vhME9s2qc=
logo_footer.svg
pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/
12 KB
4 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/logo_footer.svg
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54eadb6583cca61464e3df1fc29c37473248630d0511a3d04afc2a0d35619871

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"3111-594e40b73c3fe-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519dfcdd6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
Facebook.svg
pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/
611 B
414 B
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/Facebook.svg
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c3ff9d52958830f6a4e3bf22058535ec973786d1b519c2859355cb5d60595c

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"263-594e40b73375e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519dfced6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
twitter.svg
pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/
1 KB
687 B
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/twitter.svg
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7139e6077c06e394566fed40445d344d8f58f587dcebcfc3f7aefc514b6c9ace

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"485-594e40b74315e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519dfcfd6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
instagram.svg
pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/
3 KB
1 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/instagram.svg
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b018bc98206c8f6022e4067a96a8bf468ef689a4250aab7d0c08e1d17fe5e683

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"b9c-594e40b73a4be-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519dfd1d6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
global.min.js
pca00118.itsahappyclient.com/content/themes/pca00118/js/
125 KB
32 KB
Script
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/js/global.min.js?ver=1571082049
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eead8fd31f724a303f78d6069b08fbab65be9dada022577054ca2ead036b9c

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"1f592-594e40b74bdfe-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0519af7dd6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
wp-embed.min.js
pca00118.itsahappyclient.com/wordpress/wp-includes/js/
1 KB
716 B
Script
General
Full URL
https://pca00118.itsahappyclient.com/wordpress/wp-includes/js/wp-embed.min.js?ver=5.1.4
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Mar 2019 00:27:30 GMT
server
cloudflare
etag
W/"57b-583eedefb0080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0519dfcad6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
wp-emoji-release.min.js
pca00118.itsahappyclient.com/wordpress/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://pca00118.itsahappyclient.com/wordpress/wp-includes/js/wp-emoji-release.min.js?ver=5.1.4
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Mar 2019 00:27:30 GMT
server
cloudflare
etag
W/"2f02-583eedefb0080-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
cf-ray
568e0519dfd2d6d5-FRA
expires
Sat, 29 Feb 2020 03:54:37 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20386313-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
369
date
Sat, 22 Feb 2020 03:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Sat, 22 Feb 2020 05:48:30 GMT
avenir-book-webfont.woff2
pca00118.itsahappyclient.com/content/themes/pca00118/fonts/
17 KB
17 KB
Font
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/fonts/avenir-book-webfont.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d38ee125b0c3cb61c08d9d440177748e8619f26eace32d0f37c3ffb6194a1e1

Request headers

Referer
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:48 GMT
server
cloudflare
etag
"4320-594e40b68a83e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
568e0519fffad6d5-FRA
content-length
17184
x-ua-compatible
IE=Edge,chrome=1
search.svg
pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/
891 B
440 B
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/img/svg/search.svg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26332453127545ca0a585f6603f2f8d00857472b6b11d10b288763ba374c4d8

Request headers

Referer
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:49 GMT
server
cloudflare
etag
W/"37b-594e40b7421be-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519fffed6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
PCA_Website_Hero-Homepage.jpg
pca00118.itsahappyclient.com/content/uploads/2019/03/
383 KB
384 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/uploads/2019/03/PCA_Website_Hero-Homepage.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9578c643fd2185d5dee0b287a6088e5b8215698e3581ebe6771045413779392a

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2019 21:43:47 GMT
server
cloudflare
etag
"5fbe2-5835fc4a4e816"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
568e0519f80ad6d5-FRA
content-length
392162
expires
Mon, 23 Mar 2020 03:54:37 GMT
PCA_Website_Icons_Advocacy.svg
pca00118.itsahappyclient.com/content/uploads/2019/01/
4 KB
2 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/uploads/2019/01/PCA_Website_Icons_Advocacy.svg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51e054797c9ecce7fb8e580a48004098f9d9c6ed0db6442ded955747befdc4b

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Jan 2019 16:17:58 GMT
server
cloudflare
etag
W/"1155-57fe6165db980-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519f80dd6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
PCA_Website_Icons_Prevention.svg
pca00118.itsahappyclient.com/content/uploads/2019/01/
4 KB
1 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/uploads/2019/01/PCA_Website_Icons_Prevention.svg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e727c42a7085174032ac86383d5ede139cf86d8b1289ae86991080ac69e2e730

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Jan 2019 16:18:23 GMT
server
cloudflare
etag
W/"e5a-57fe617db31c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519f810d6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
PCA_Website_Icons_Training.svg
pca00118.itsahappyclient.com/content/uploads/2019/01/
6 KB
3 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/uploads/2019/01/PCA_Website_Icons_Training.svg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8efa3e6c1e4bec6677a528f20a006464e99c4a283f6f0b8825384943a83cb29f

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Jan 2019 16:18:42 GMT
server
cloudflare
etag
W/"1875-57fe618fd1c80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519f814d6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
PCA_Website_Icons_Grantees_Grantees-01.svg
pca00118.itsahappyclient.com/content/uploads/2019/02/
4 KB
1 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/uploads/2019/02/PCA_Website_Icons_Grantees_Grantees-01.svg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28e189137138dbcab6d922633f244360a548e9a753e23f1cb8b5224ca63b178

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Feb 2019 21:43:24 GMT
server
cloudflare
etag
W/"e10-581409d882825-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
cf-ray
568e0519f819d6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
PCA_Website-Homepage-OurImpact.jpg
pca00118.itsahappyclient.com/content/uploads/2019/03/
206 KB
206 KB
Image
General
Full URL
https://pca00118.itsahappyclient.com/content/uploads/2019/03/PCA_Website-Homepage-OurImpact.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281bb65a5aa6f2acd521f1c4a6dad5acf610d6902b7637b550da53c5cd45c59a

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2019 22:41:09 GMT
server
cloudflare
etag
"338a8-5836091c82a56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
568e0519f81dd6d5-FRA
content-length
211112
expires
Mon, 23 Mar 2020 03:54:37 GMT
avenir-heavy-webfont.woff2
pca00118.itsahappyclient.com/content/themes/pca00118/fonts/
18 KB
18 KB
Font
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/fonts/avenir-heavy-webfont.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2907c6b90dfc2e713802baab024ec0aab3987f59529b79699cde27461f9f9e4

Request headers

Referer
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:48 GMT
server
cloudflare
etag
"4634-594e40b68b7de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
568e0519f825d6d5-FRA
content-length
17972
x-ua-compatible
IE=Edge,chrome=1
avenir-medium-webfont.woff2
pca00118.itsahappyclient.com/content/themes/pca00118/fonts/
18 KB
18 KB
Font
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/fonts/avenir-medium-webfont.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3288876090d639f2e363b4bdac709e675fecbf240279b92cb8a9e5cd979f3059

Request headers

Referer
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:48 GMT
server
cloudflare
etag
"4714-594e40b68c77e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
568e0519f82ad6d5-FRA
content-length
18196
x-ua-compatible
IE=Edge,chrome=1
icomoon.ttf
pca00118.itsahappyclient.com/content/themes/pca00118/fonts/
2 KB
2 KB
Font
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/fonts/icomoon.ttf?bnjwz5
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb64864e103cb297b6d2d6c4a480a14e93b41f89b10dfe9bb77ab3ab519b95c6

Request headers

Referer
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:48 GMT
server
cloudflare
status
200
etag
W/"978-594e40b68d71e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
568e0519f830d6d5-FRA
expires
Mon, 23 Mar 2020 03:54:37 GMT
avenir-black-webfont.woff2
pca00118.itsahappyclient.com/content/themes/pca00118/fonts/
17 KB
17 KB
Font
General
Full URL
https://pca00118.itsahappyclient.com/content/themes/pca00118/fonts/avenir-black-webfont.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42283d84d8aabfb2e11273a1cdd6af6842a4d28dcf974bd59aa0a5359f6dda6d

Request headers

Referer
https://pca00118.itsahappyclient.com/content/themes/pca00118/style.css?ver=1571082048
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Oct 2019 19:40:48 GMT
server
cloudflare
etag
"4508-594e40b68a83e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
568e0519f833d6d5-FRA
content-length
17672
x-ua-compatible
IE=Edge,chrome=1
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=985379073&t=pageview&_s=1&dl=https%3A%2F%2Fpca00118.itsahappyclient.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Prevent%20Child%20Abuse%20Iowa&sd=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-20386313-1&cid=1013788974.1582343679&jid=800209466&_gid=102035860.1582343679&gjid=1492554395&_v=j81&z=197885730
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-20386313-1&cid=1013788974.1582343679&jid=800209466&_gid=102035860.1582343679&gjid=1492554395&_v=j81&z=197885730
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sat, 22 Feb 2020 03:54:39 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Feb 2020 03:54:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-20386313-1&cid=1013788974.1582343679&jid=800209466&_gid=102035860.1582343679&gjid=1492554395&_v=j81&z=197885730
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.css
p.typekit.net/
5 B
168 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=hlu6pql&ht=tk&f=12783.12784.12785.12787&a=864984&app=typekit&e=css
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
last-modified
Mon, 21 Oct 2019 19:51:00 GMT
server
nginx
access-control-allow-origin
*
etag
"5dae0c24-5"
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
5
expires
Wed, 30 Oct 2019 04:50:36 GMT
l
use.typekit.net/af/c7b613/0000000000000000000118b3/27/
12 KB
12 KB
Font
General
Full URL
https://use.typekit.net/af/c7b613/0000000000000000000118b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1b144033e165bbeec6a0ba78c29b39a11befb67d796db6bab56c76ef54a76092

Request headers

Referer
https://use.typekit.net/hlu6pql.css
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
server
nginx
access-control-allow-origin
*
etag
"e119d8b20050295175f4285945d584b44e89d0a9"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
12396
l
use.typekit.net/af/9cb78a/0000000000000000000118ad/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/9cb78a/0000000000000000000118ad/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8e92dedb50b92efc8e23e3a4985fdb53e587e85139e113953e877320ec6d705c

Request headers

Referer
https://use.typekit.net/hlu6pql.css
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Feb 2020 03:54:39 GMT
server
nginx
access-control-allow-origin
*
etag
"cf85d3e73680abc7bbab8e9752ec31b971a3f801"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
16180
Bloomerang-v2.js
crm.bloomerang.co/Content/Scripts/Api/
64 KB
12 KB
Script
General
Full URL
https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=2019-10-02
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/bloomerang-public-cdn/preventchildabuseiowa/.widget-js/1567744.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.35.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-35-77.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f2ba5e25b6a31343521475e03116799a22772077012ec5672d3b4db4b94eb9da

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 22 Feb 2020 03:54:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Oct 2019 01:31:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0d6595f2f8dd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11609
accounting.min.js
crm.bloomerang.co/Content/Scripts/Lib/
4 KB
2 KB
Script
General
Full URL
https://crm.bloomerang.co/Content/Scripts/Lib/accounting.min.js
Requested by
Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=2019-10-02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.35.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-35-77.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ec8e2929277658d918b53d1d03853d33efa78dbd89f3e4f2e08d7dfe0d330555

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 22 Feb 2020 03:54:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Mar 2017 14:57:24 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"022f549d39cd21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1625
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/
21 KB
7 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js
Requested by
Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=2019-10-02
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B06) /
Resource Hash
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16167293
x-cache
HIT
status
200
content-length
6501
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:34 GMT
server
ECAcc (ama/8B06)
etag
"011774d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
additional-methods.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/
8 KB
2 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/additional-methods.min.js
Requested by
Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=2019-10-02
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B52) /
Resource Hash
5dc21db9060b38405f2f273d05a0c2041b1ac23e7abcf171a36e0038f49f2f5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16101083
x-cache
HIT
status
200
content-length
2380
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:34 GMT
server
ECAcc (ama/8B52)
etag
"011774d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
1567744
api.bloomerang.co/v1/Widget/
2 B
437 B
XHR
General
Full URL
https://api.bloomerang.co/v1/Widget/1567744?ApiKey=pub_e456adf7-7d11-11e7-afbe-024e165d44b3
Requested by
Host: pca00118.itsahappyclient.com
URL: https://pca00118.itsahappyclient.com/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.110.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-110-71.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Access-Control-Request-Method
POST
Origin
https://pca00118.itsahappyclient.com
Referer
https://pca00118.itsahappyclient.com/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Pragma
no-cache
Date
Sat, 22 Feb 2020 03:54:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
POST,GET,PUT,DELETE,HEAD,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
2
Expires
-1
1567744
api.bloomerang.co/v1/Widget/
16 KB
17 KB
XHR
General
Full URL
https://api.bloomerang.co/v1/Widget/1567744?ApiKey=pub_e456adf7-7d11-11e7-afbe-024e165d44b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.110.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-110-71.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f72a1965dde2d0c27947e11ca07f28b7d91dcb6bd32eeaacc85e9161ffb31174

Request headers

Accept
*/*
Referer
https://pca00118.itsahappyclient.com/
Origin
https://pca00118.itsahappyclient.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 22 Feb 2020 03:54:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
POST,GET,PUT,DELETE,HEAD,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
16578
Expires
-1
/
js.stripe.com/v3/
156 KB
41 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=2019-10-02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aae1e47515d61793ebd6d760c9846e99703c4ed656bf51fac9058d275fb2b20
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:42 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
88
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
40891
x-amz-id-2
oxoC+WZ7vCzCg4vfJJnu+qPd7wKTULqebwCBChWwdXWmR/EfzljQv/A0AnboykIeiMEBkgZRMSA=
x-served-by
cache-hhn4055-HHN
last-modified
Thu, 20 Feb 2020 16:44:07 GMT
server
AmazonS3
x-timer
S1582343682.380616,VS0,VE0
etag
"109fa50a3042c4d483fd9161f92c8d9b"
vary
Accept-Encoding
x-amz-request-id
C1774613621B7C95
via
1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19
api.js
www.google.com/recaptcha/
738 B
565 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoadCallback&render=explicit
Requested by
Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=2019-10-02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59735d090fbeacb39cb08d3f7c9658ca027c6e0e83655a94447b4d74499ad416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 03:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
472
x-xss-protection
1; mode=block
expires
Sat, 22 Feb 2020 03:54:42 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/
259 KB
93 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
327358936ae1faca746b38258cde21f2574d062dc6f939a8b9fcfa8e2adfc9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pca00118.itsahappyclient.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 17:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Feb 2020 05:05:57 GMT
server
sffe
age
296485
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94999
x-xss-protection
0
expires
Wed, 17 Feb 2021 17:33:17 GMT
outer.html
js.stripe.com/v2/m/ Frame 7859
0
0
Document
General
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://pca00118.itsahappyclient.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
x-amz-id-2
Ct6Lo35nU+8/khAA2ThjgqWzeWmfZpZ25TZdkuVTV08gFY/uED+O796iiroLrK/smOMkeuepW6c=
x-amz-request-id
082D8D93894DDA55
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sat, 22 Feb 2020 03:54:42 GMT
via
1.1 varnish
age
17
x-served-by
cache-hhn4055-HHN
x-cache
HIT
x-cache-hits
6
x-timer
S1582343682.497100,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
anchor
www.google.com/recaptcha/api2/ Frame F747
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_MLoUAAAAAA9S3oEsQguJCG-tHNb4s1aabeOq&co=aHR0cHM6Ly9wY2EwMDExOC5pdHNhaGFwcHljbGllbnQuY29tOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=normal&cb=ogohembw0cf1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XjnKYUuaXYz97NF+pjXmYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld_MLoUAAAAAA9S3oEsQguJCG-tHNb4s1aabeOq&co=aHR0cHM6Ly9wY2EwMDExOC5pdHNhaGFwcHljbGllbnQuY29tOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=normal&cb=ogohembw0cf1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://pca00118.itsahappyclient.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-security-policy
script-src 'report-sample' 'nonce-XjnKYUuaXYz97NF+pjXmYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Sat, 22 Feb 2020 03:54:42 GMT
expires
Sat, 22 Feb 2020 03:54:42 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1102
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| _wpemojiSettings object| google_tag_manager string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery string| cssTarget string| ForceInlineSVGActive object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp boolean| bloomerangLoadStarted object| PCA_AJAX function| initAccordion function| initCustomForms function| initFiltration function| initHideBlock function| initDropDownClasses function| initMobileNav function| initMobileNavigation function| initSameHeight function| initSlickCarousel object| AOS function| CountUp function| SlideAccordion object| jcf object| picturefillCFG function| picturefill object| jQuery112408731182998386091 object| ResponsiveHelper object| viewportUnitsBuggyfill object| html5 object| Modernizr function| yepnope object| respond function| bodhisvgsInlineSupport object| Bloomerang object| accounting function| captchaLoadCallback object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| Stripe object| closure_lm_588184

4 Cookies

Domain/Path Name / Value
.itsahappyclient.com/ Name: _gid
Value: GA1.2.102035860.1582343679
.itsahappyclient.com/ Name: _gat_gtag_UA_20386313_1
Value: 1
.itsahappyclient.com/ Name: _ga
Value: GA1.2.1013788974.1582343679
.itsahappyclient.com/ Name: __cfduid
Value: ddd9665d10a7d1fcf867fccba165da2f81582343678

2 Console Messages

Source Level URL
Text
console-api log URL: https://pca00118.itsahappyclient.com/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://pca00118.itsahappyclient.com/content/themes/pca00118/js/global.min.js?ver=1571082049(Line 1)
Message:
hi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
