urlscan.io logo urlscan.io
SecurityTrails logo

kulturagroup.com Open in urlscan Pro
67.225.136.213  Public Scan

Go To Rescan Add Verdict Report
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Submission: On April 05 via api from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 67.225.136.213, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is kulturagroup.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 20th 2019. Valid for: 3 months.
This is the only time kulturagroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 67.225.136.213 32244 (LIQUIDWEB)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 104.16.83.55 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.16.36.13 13335 (CLOUDFLAR...)
36 8
21    67.225.136.213 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: host.toongroup.com
kulturagroup.com
airinmotion.ca
67.225.136.213
3    2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:819::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:809::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    104.16.83.55 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
v2.zopim.com
2    2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    104.16.36.13 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
v2assets.zopim.io
Domain Requested by
19 airinmotion.ca kulturagroup.com
airinmotion.ca
4 fonts.gstatic.com kulturagroup.com
3 fonts.googleapis.com kulturagroup.com
2 www.google-analytics.com www.googletagmanager.com
kulturagroup.com
2 v2.zopim.com 1 redirects kulturagroup.com
2 www.googletagmanager.com kulturagroup.com
1 v2assets.zopim.io kulturagroup.com
1 kulturagroup.com
36 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
airinmotion.ca
wordpress.org
websitetoon.com
Subject Issuer Validity Valid
airinmotion.ca
Let's Encrypt Authority X3		 2019-02-20 -
2019-05-21		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.zopim.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-06 -
2020-12-29		 3 years crt.sh
*.zopim.io
COMODO RSA Domain Validation Secure Server CA		 2018-03-07 -
2020-03-16		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Frame ID: 99FE19B7F9B75CE434E81866B73D22F5
Requests: 35 HTTP requests in this frame

Frame: https://v2assets.zopim.io/3jM1reK1fpLv97r57j7tO6qxHvgnHvz1-banner?1456787861787
Frame ID: 01C005036841FC74766D05E51F8B6F64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i
Overall confidence: 100%
Detected patterns
  • script /v2\.zopim\.com/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

36
Requests

89 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

555 kB
Transfer

2150 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://v2.zopim.com/?3jM1reK1fpLv97r57j7tO6qxHvgnHvz1 HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.287.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/ 		50 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 / PHP/5.6.40
Resource Hash
b4ae43f45dc8c9c6eeedd53a1d223f1fe2d2b4a59a64c88af5a3af3c8eaceed1

Request headers

Host
kulturagroup.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:22 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
X-Powered-By
PHP/5.6.40
Pragma
no-cache
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://airinmotion.ca/wp-json/>; rel="https://api.w.org/"
Set-Cookie
PHPSESSID=27d164c98cca9c1e72dc77af275f2406; path=/
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
10774
Keep-Alive
timeout=5, max=200
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
style.min.css
airinmotion.ca/wp-includes/css/dist/block-library/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jan 2019 17:09:23 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"4c268e-643a-57f823912df05-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
4302
styles.css
airinmotion.ca/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jan 2019 17:09:55 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"9c0ace-695-57f823af37e13-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
651
filterMediank.css
airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/css/filterMediank.css?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
45b4ebdafe4ed75f9fd30179adfc5edc0f636396b1efc621df3e73f5516c16a0

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 19:39:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"98195a-17d0-582e553766102-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
1726
filterMediank-lbox.css
airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/css/filterMediank-lbox.css?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
347aa87af1688b1fca097b5d94dc05a9966f9fce8271d924caa38cf33d467671

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 19:39:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"98195b-127f-582e553766102-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
1561
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ce2dc45c0adef73039fafb13f6147ac6d4e9c27f5e2839126500fa3eef483c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 05 Apr 2019 01:35:23 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 05 Apr 2019 01:35:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Fri, 05 Apr 2019 01:35:23 GMT
css
fonts.googleapis.com/ 		4 KB
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Slab:400,100,100italic,300,300italic,400italic,600,700,700italic,600italic&subset=latin
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
56b15f2d4bc491b4ed5a220def50d8b6cebafdb51f1410c2e41535db097a7ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 05 Apr 2019 01:35:23 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 05 Apr 2019 01:35:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Fri, 05 Apr 2019 01:35:23 GMT
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ce2dc45c0adef73039fafb13f6147ac6d4e9c27f5e2839126500fa3eef483c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 05 Apr 2019 01:35:23 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 05 Apr 2019 01:35:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Fri, 05 Apr 2019 01:35:23 GMT
style.css
airinmotion.ca/wp-content/themes/airinmotion/ 		359 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/style.css?ver=2.4.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
12c49efaa5b2ac4a79c790a66d03d357533d5a60fc35c4af3fd33b9464b13a93

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Nov 2017 15:46:35 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"746320-59b53-55ebc7525676d-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
45123
shortcodes.css
airinmotion.ca/wp-content/themes/airinmotion/epanel/shortcodes/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/epanel/shortcodes/css/shortcodes.css?ver=3.0
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
fd496eb1fb264d99196187b01b79e110fb7ccb523d6bd093f526edc41aa9fa18

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 12:07:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"746615-8da7-519a6ed6a8580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
5781
shortcodes_responsive.css
airinmotion.ca/wp-content/themes/airinmotion/epanel/shortcodes/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/epanel/shortcodes/css/shortcodes_responsive.css?ver=3.0
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
42d10ae2dcf2b8fa07e75a0b3a403ad50b176e8cd667b4b5f47857f764e43873

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 12:07:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"746614-fca-519a6ed6a8580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
826
jquery.js
airinmotion.ca/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2016 13:34:30 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"443672-17ba0-5338280030580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
33766
jquery-migrate.min.js
airinmotion.ca/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jun 2016 16:25:32 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"44367f-2748-53439f03f1700-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
4014
filterMediank.js
airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/js/filterMediank.js?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
537ebc53c481fe8ca350677f72feb0918299fa525ab617ec2b4c68a623b1bed8

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 19:39:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"981961-1f5a-582e553766102-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
1763
filterMediank-lbox-js.js
airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/js/filterMediank-lbox-js.js?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
6c24127df5f1888cb4b52d51c33b0d0fdd5c889036a5eaa586b886364bcea80b

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 19:39:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"981960-8ff8-582e553766102-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
8960
js
www.googletagmanager.com/gtag/ 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-77053552-1
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
a9b75fd2dcb666e186252d0848af56b8d4a6297806df6748ab4d020c18a63940
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 05 Apr 2019 01:35:23 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24925
x-xss-protection
0
expires
Fri, 05 Apr 2019 01:35:23 GMT
Logo-Air.png
67.225.136.213/~airinmotion/wp-content/uploads/2016/01/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://67.225.136.213/~airinmotion/wp-content/uploads/2016/01/Logo-Air.png
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
5f47f91c1963e89e879c2065c602f206b272d4abfab02f28daa0d60437003ba9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:23 GMT
Last-Modified
Wed, 27 Jan 2016 12:22:51 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"722f7a-5a8b-52a4fdc569cc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
23179
scripts.js
airinmotion.ca/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jan 2019 17:09:55 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"9c0aee-3868-57f823af389cb-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
3993
jquery.fitvids.js
airinmotion.ca/wp-content/themes/airinmotion/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/js/jquery.fitvids.js?ver=2.4.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
264b17be884bc843c87237983b1138add92d2c0f318f7addabf1b75c3693634d

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 12:07:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"74662f-b7f-519a6ed6a8580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
1191
waypoints.min.js
airinmotion.ca/wp-content/themes/airinmotion/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/js/waypoints.min.js?ver=2.4.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
41293c1fef3105487e7934d701a91565c7c3911ef858978baada5e2cf7a73bcb

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 12:07:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"746631-1f73-519a6ed6a8580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=197
Content-Length
2625
jquery.magnific-popup.js
airinmotion.ca/wp-content/themes/airinmotion/js/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/js/jquery.magnific-popup.js?ver=2.4.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
cc53c002a2ccdc9e5e140dc915f6ca75b231e511c5f8eeede783f0e10c4d6eee

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 12:07:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"746636-ba66-519a6ed6a8580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=197
Content-Length
13846
custom.js
airinmotion.ca/wp-content/themes/airinmotion/js/ 		128 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-content/themes/airinmotion/js/custom.js?ver=2.4.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
0e9e382e0b5005f3470f2d843bc55fecb60c357116a08fb015168d356e5f1c32

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 12:07:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"746634-20051-519a6ed6a8580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
24013
wp-embed.min.js
airinmotion.ca/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-includes/js/wp-embed.min.js?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jan 2019 17:09:23 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"3c0bc6-57b-57f8239140bcd-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
753
wp-emoji-release.min.js
airinmotion.ca/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airinmotion.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.0.4
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jan 2019 17:09:23 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"3c0bcd-2efa-57f82391407e5-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
4382
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VF4QV
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
ETmodules_v2_4.ttf
airinmotion.ca/wp-content/themes/airinmotion/includes/builder/fonts/ 		0
0
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin
https://kulturagroup.com

Response headers

date
Mon, 25 Mar 2019 20:19:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
882953
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:31 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin
https://kulturagroup.com

Response headers

date
Mon, 25 Mar 2019 20:19:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:28 GMT
server
sffe
age
882934
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:50 GMT
lW-5wjwOK3Ps5GSJlNNkMalnqg6vBMjoPg.woff2
fonts.gstatic.com/s/josefinslab/v9/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinslab/v9/lW-5wjwOK3Ps5GSJlNNkMalnqg6vBMjoPg.woff2
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cf45e4068b5f7384750f688b9fe50d44e8a34b23f9f179ddc20fdea129f57871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Josefin+Slab:400,100,100italic,300,300italic,400italic,600,700,700italic,600italic&subset=latin
Origin
https://kulturagroup.com

Response headers

date
Fri, 08 Mar 2019 23:24:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:50:45 GMT
server
sffe
age
2340670
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9044
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 23:24:14 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin
https://kulturagroup.com

Response headers

date
Mon, 25 Mar 2019 20:19:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:39 GMT
server
sffe
age
882936
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:48 GMT
widget_v2.287.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/?3jM1reK1fpLv97r57j7tO6qxHvgnHvz1
  • https://v2.zopim.com/bin/v/widget_v2.287.js
1 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.287.js
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.83.55 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00aad851dd95cd5e01b8ad12938884374627fe59ba8ea1331ae2e998837c868a

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 05 Apr 2019 01:35:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Mar 2019 05:06:07 GMT
server
cloudflare
etag
W/"5c99b33f-1046e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=315360000
cf-ray
4c27c9045c21641b-FRA
expires
Mon, 02 Apr 2029 01:35:24 GMT

Redirect headers

date
Fri, 05 Apr 2019 01:35:24 GMT
cf-cache-status
MISS
server
cloudflare
location
https://v2.zopim.com/bin/v/widget_v2.287.js
etag
"5ca57346-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
302
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
4c27c9039bc2641b-FRA
content-length
0
expires
Fri, 05 Apr 2019 05:35:24 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77053552-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6508
date
Thu, 04 Apr 2019 23:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Fri, 05 Apr 2019 01:46:56 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1668351810&t=pageview&_s=1&dl=https%3A%2F%2Fkulturagroup.com%2FSouthernCrossCarPDF%2FSouthernCrossCarPDF%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Furnace%20and%20Air%20Condition%20Repair%20Mississauga&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=588724270&gjid=30666883&cid=451076746.1554428125&tid=UA-77053552-1&_gid=1478405985.1554428125&_r=1&gtm=2ou3r3&z=1656283567
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Apr 2019 01:35:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
controls.png
airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/images/vl-box/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/images/vl-box/controls.png
Requested by
Host: airinmotion.ca
URL: https://airinmotion.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.225.136.213 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.toongroup.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Request headers

Referer
https://airinmotion.ca/wp-content/plugins/responsive-filterable-portfolio/css/filterMediank-lbox.css?ver=5.0.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 05 Apr 2019 01:35:24 GMT
Last-Modified
Wed, 27 Feb 2019 19:39:02 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
ETag
"981952-552-582e553765d1a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=196
Content-Length
1362
ETmodules_v2_4.woff
airinmotion.ca/wp-content/themes/airinmotion/includes/builder/fonts/ 		0
0
3jM1reK1fpLv97r57j7tO6qxHvgnHvz1-banner
v2assets.zopim.io/ Frame 01C0 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v2assets.zopim.io/3jM1reK1fpLv97r57j7tO6qxHvgnHvz1-banner?1456787861787
Requested by
Host: kulturagroup.com
URL: https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.36.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8123663ec15efe5901f628ef484d6fe3f8e0b99c4ec9cff26b92775d3ea6b85

Request headers

Referer
https://kulturagroup.com/SouthernCrossCarPDF/SouthernCrossCarPDF/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 05 Apr 2019 01:35:26 GMT
cf-cache-status
MISS
x-amz-request-id
1CB3AF7B00CBEE9A
x-amz-server-side-encryption
AES256
status
200
content-length
29453
x-amz-id-2
6069hf5bjv//EIJVI36OFMkNsNl05lCh6Yl3XudGs3uRC0gp2Z4YdL5aISMixz/L35UZzyuFD6s=
last-modified
Thu, 13 Oct 2016 21:02:59 GMT
server
cloudflare
etag
"03d85a1553873c0e783d8c7145017fc1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4c27c90b2d5ac274-FRA
expires
Sat, 06 Apr 2019 01:35:26 GMT
truncated
/ Frame 01C0 		13 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://kulturagroup.com

Response headers

Content-Type
application/font-woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
airinmotion.ca
URL
https://airinmotion.ca/wp-content/themes/airinmotion/includes/builder/fonts/ETmodules_v2_4.ttf
Domain
airinmotion.ca
URL
https://airinmotion.ca/wp-content/themes/airinmotion/includes/builder/fonts/ETmodules_v2_4.woff

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings undefined| $ function| jQuery object| jQuery112409670321190642726 object| dataLayer function| gtag function| $zopim object| wpcf7 object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp object| et_custom object| $et_pb_carousel string| __$__GEO number| $logo_width

5 Cookies

Domain/Path Name / Value
.kulturagroup.com/ Name: __zlcmid
Value: rfi8emuLqtwEYp
.kulturagroup.com/ Name: _gat_gtag_UA_77053552_1
Value: 1
.kulturagroup.com/ Name: _gid
Value: GA1.2.1478405985.1554428125
.kulturagroup.com/ Name: _ga
Value: GA1.2.451076746.1554428125
kulturagroup.com/ Name: PHPSESSID
Value: 27d164c98cca9c1e72dc77af275f2406

1 Console Messages

Source Level URL
Text
console-api log URL: https://airinmotion.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airinmotion.ca
fonts.googleapis.com
fonts.gstatic.com
kulturagroup.com
v2.zopim.com
v2assets.zopim.io
www.google-analytics.com
www.googletagmanager.com
airinmotion.ca
104.16.36.13
104.16.83.55
2a00:1450:4001:809::2003
2a00:1450:4001:814::200a
2a00:1450:4001:819::2008
2a00:1450:4001:81e::200e
67.225.136.213
00aad851dd95cd5e01b8ad12938884374627fe59ba8ea1331ae2e998837c868a
0e9e382e0b5005f3470f2d843bc55fecb60c357116a08fb015168d356e5f1c32
12c49efaa5b2ac4a79c790a66d03d357533d5a60fc35c4af3fd33b9464b13a93
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
264b17be884bc843c87237983b1138add92d2c0f318f7addabf1b75c3693634d
347aa87af1688b1fca097b5d94dc05a9966f9fce8271d924caa38cf33d467671
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
41293c1fef3105487e7934d701a91565c7c3911ef858978baada5e2cf7a73bcb
42d10ae2dcf2b8fa07e75a0b3a403ad50b176e8cd667b4b5f47857f764e43873
45b4ebdafe4ed75f9fd30179adfc5edc0f636396b1efc621df3e73f5516c16a0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
537ebc53c481fe8ca350677f72feb0918299fa525ab617ec2b4c68a623b1bed8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56b15f2d4bc491b4ed5a220def50d8b6cebafdb51f1410c2e41535db097a7ec2
5f47f91c1963e89e879c2065c602f206b272d4abfab02f28daa0d60437003ba9
6c24127df5f1888cb4b52d51c33b0d0fdd5c889036a5eaa586b886364bcea80b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a9b75fd2dcb666e186252d0848af56b8d4a6297806df6748ab4d020c18a63940
b4ae43f45dc8c9c6eeedd53a1d223f1fe2d2b4a59a64c88af5a3af3c8eaceed1
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8123663ec15efe5901f628ef484d6fe3f8e0b99c4ec9cff26b92775d3ea6b85
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
cc53c002a2ccdc9e5e140dc915f6ca75b231e511c5f8eeede783f0e10c4d6eee
ce2dc45c0adef73039fafb13f6147ac6d4e9c27f5e2839126500fa3eef483c34
cf45e4068b5f7384750f688b9fe50d44e8a34b23f9f179ddc20fdea129f57871
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd496eb1fb264d99196187b01b79e110fb7ccb523d6bd093f526edc41aa9fa18