urlscan.io logo urlscan.io
SecurityTrails logo

www.two70.com Open in urlscan Pro
52.54.124.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://willytwitchell.com/
Effective URL: https://www.two70.com/idaho-horse-property/
Submission Tags: phishingrod
Submission: On April 08 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 17 HTTP transactions. The main IP is 52.54.124.148, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.two70.com.
TLS certificate: Issued by R3 on March 2nd 2024. Valid for: 3 months.
This is the only time www.two70.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
4 52.54.124.148 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.192.45 16509 (AMAZON-02)
2 18.66.192.68 16509 (AMAZON-02)
1 18.173.154.97 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
3 104.17.24.14 13335 (CLOUDFLAR...)
17 10
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
willytwitchell.com
4    52.54.124.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-124-148.compute-1.amazonaws.com
www.two70.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    18.66.192.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-45.muc50.r.cloudfront.net
t2.realgeeks.media
2    18.66.192.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-68.muc50.r.cloudfront.net
u.realgeeks.media
1    18.173.154.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-97.muc50.r.cloudfront.net
cdn.realgeeks.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
4 realgeeks.media
t2.realgeeks.media — Cisco Umbrella Rank: 362391
u.realgeeks.media — Cisco Umbrella Rank: 208431
449 KB
4 two70.com
www.two70.com
152 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
274 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
30 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2709
244 B
1 realgeeks.com
cdn.realgeeks.com — Cisco Umbrella Rank: 218000
888 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
89 KB
1 willytwitchell.com
willytwitchell.com
142 B
17 9
Domain Requested by
4 www.two70.com www.two70.com
cdn.realgeeks.com
3 cdnjs.cloudflare.com www.two70.com
cdnjs.cloudflare.com
2 u.realgeeks.media www.two70.com
2 t2.realgeeks.media www.two70.com
2 fonts.googleapis.com www.two70.com
1 code.jquery.com www.two70.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.realgeeks.com www.two70.com
1 www.googletagmanager.com www.two70.com
1 willytwitchell.com 1 redirects
17 10
Subject Issuer Validity Valid
two70.com
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
t.realgeeks.media
Amazon RSA 2048 M02		 2023-12-12 -
2025-01-09		 a year crt.sh
u.realgeeks.media
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
cdn.realgeeks.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.two70.com/idaho-horse-property/
Frame ID: 66D4B23E2DD7AD1EC40A470255A300A5
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Idaho Horse Property

Page URL History Show full URLs

  1. https://willytwitchell.com/ HTTP 301
    https://www.two70.com/idaho-horse-property/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

1883 kB
Transfer

5730 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://willytwitchell.com/ HTTP 301
    https://www.two70.com/idaho-horse-property/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.two70.com/idaho-horse-property/
Redirect Chain
  • https://willytwitchell.com/
  • https://www.two70.com/idaho-horse-property/
198 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.two70.com/idaho-horse-property/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.124.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-124-148.compute-1.amazonaws.com
Software
openresty/1.19.9.1 / Otter-Pops
Resource Hash
1e8290b2b2872a78538d86a98bac614056126862200712a27704cd0ba3a48408

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 08 Apr 2024 14:54:44 GMT
Server
openresty/1.19.9.1
Transfer-Encoding
chunked
Vary
Cookie
X-Powered-By
Otter-Pops

Redirect headers

content-length
240
content-type
text/html; charset=UTF-8
date
Mon, 08 Apr 2024 14:54:44 GMT
location
https://www.two70.com/idaho-horse-property/
server
ghs
x-frame-options
SAMEORIGIN
x-xss-protection
0
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter&display=swap
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
134d30ed9c825909dd32af40d469aaafedfe1b17447abee0ed6c43c7254d2a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Apr 2024 14:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 13:28:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Apr 2024 14:54:44 GMT
css
fonts.googleapis.com/ 		1 KB
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Apr 2024 14:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 13:06:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Apr 2024 14:54:44 GMT
miranda-thin.css
www.two70.com/ss/ 		390 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.two70.com/ss/miranda-thin.css?hash=7bb2065523967c43a7e66668bfdc24ff:c0202bdd53e774cae6a82326151bc49c
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.124.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-124-148.compute-1.amazonaws.com
Software
openresty/1.19.9.1 / Otter-Pops
Resource Hash
54f23b5a49e34951270e11ffddf58b647ade6db480c6d664f57d13bf5a825a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/idaho-horse-property/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 14:54:45 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
Last-Modified
Mon, 08 Apr 2024 14:48:35 GMT
Server
openresty/1.19.9.1
X-Powered-By
Otter-Pops
Transfer-Encoding
chunked
Vary
Cookie
Content-Type
text/css
X-UA-Device
wat?
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Mon, 15 Apr 2024 14:48:35 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G6YVB7Y1Q5
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b173ae2d79802f9ac746592be3b7b3f5f1f3a4b4f1b933e43e8dd9591ef35493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:54:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90568
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Apr 2024 14:54:44 GMT
two701%252FTwo70_Dark_Logo-01.png
t2.realgeeks.media/thumbnail/L-kra3TeRe014RgH6EVJQo5ZoFQ=/fit-in/200x43/filters:format(png)/t.realgeeks.media/resize/140x/https://u.realgeeks.media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.realgeeks.media/thumbnail/L-kra3TeRe014RgH6EVJQo5ZoFQ=/fit-in/200x43/filters:format(png)/t.realgeeks.media/resize/140x/https://u.realgeeks.media/two701%252FTwo70_Dark_Logo-01.png
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-45.muc50.r.cloudfront.net
Software
/
Resource Hash
268d09d85979a8c9da25c931b82b41c6e1a4b2c944e4b7a56530f323e441a634

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 18:50:20 GMT
via
1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
245064
x-amzn-requestid
7e88476f-b16f-4e94-8ed0-62542ffcd69b
x-cache
Hit from cloudfront
x-amz-apigw-id
VxAtCFRKoAMEbDA=
content-length
5088
etag
"440190f8268aa6170f2ecdec5a25d7825b964b0c"
x-amzn-trace-id
Root=1-661047ec-4644833a4d88e7e1421da8e1;Parent=11613d8a3d4e4a39;Sampled=0;lineage=f49e0eff:0
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000,public
x-amz-cf-id
1psW6K0JqeQ6B81Pb92rbt5qXRS9kpkKThwXGmaxmdRAOY8GFdWETw==
x-amzn-remapped-date
Fri, 05 Apr 2024 18:50:20 GMT
expires
Sat, 05 Apr 2025 18:50:20 GMT
Two70_Signs.png
u.realgeeks.media/two701/ 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.realgeeks.media/two701/Two70_Signs.png
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-68.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5b746857b4eaebe23a01d5975b2eb453909226eac57ce54a0c3def4b8d39165

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
y3iaDAP739D.yWf41k8S4HwghOAYGVAG
date
Mon, 08 Apr 2024 14:54:46 GMT
via
1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 18:03:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
etag
"c9e77e47773b5ba620c034548c56c4d0"
x-cache
RefreshHit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
211266
x-amz-cf-id
4F_GNhUk13_sljW9kIl9DWLEa3hh9-ro2SygP7ih4ewkL60jWEKmJw==
aa46e72af512.js
cdn.realgeeks.com/static/CACHE/js/ 		4 MB
888 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.realgeeks.com/static/CACHE/js/aa46e72af512.js
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-97.muc50.r.cloudfront.net
Software
openresty/1.19.9.1 / Otter-Pops
Resource Hash
47f8a8cd6af16d96b78cae75665c1a2b199200ed45371068410614e4558cc83f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 21:24:52 GMT
content-encoding
gzip
via
1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
last-modified
Mon, 01 Apr 2024 21:24:06 GMT
server
openresty/1.19.9.1
x-amz-cf-pop
MUC50-P3
age
581392
etag
W/"660b25f6-3b105e"
x-powered-by
Otter-Pops
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-id
KlAlUQZzsQ3Z9LmIcJuSeOiPQMxsvIFcVZjpeVInjroGD-hhOdOjGw==
expires
Wed, 01 May 2024 21:24:52 GMT
collect
region1.google-analytics.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G6YVB7Y1Q5&gtm=45je4430v890846840za200&_p=1712588085226&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1439065476.1712588085&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712588085&sct=1&seg=0&dl=https%3A%2F%2Fwww.two70.com%2Fidaho-horse-property%2F&dt=Idaho%20Horse%20Property&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.board=139%2C238%2C5074%2C5234&ep.content_page_property_lead_capture=true&epn.lead_capture_on_property=2&ep.site_domain=www.two70.com&ep.rg_template=miranda-thin&tfd=1170
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6YVB7Y1Q5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 14:54:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.two70.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:54:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1744871
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-fra-eddf8230145-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712588085.288130,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 37701
kitchen-two70.jpg
t2.realgeeks.media/thumbnail/CYlMYMUsxSWNTX3GCmyyjjwDbrY=/fit-in/0x825/u.realgeeks.media/two701/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.realgeeks.media/thumbnail/CYlMYMUsxSWNTX3GCmyyjjwDbrY=/fit-in/0x825/u.realgeeks.media/two701/kitchen-two70.jpg
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-45.muc50.r.cloudfront.net
Software
/
Resource Hash
330e22eae9d76902b3f95af604d0e7588bdd6be6ab9f7eebfa63aa69a113fbef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 18:50:22 GMT
via
1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
245063
x-amzn-requestid
df580f6d-ead7-4f93-bb2d-fd52dd85d6ca
x-cache
Hit from cloudfront
x-amz-apigw-id
VxAtIGN0IAMEQoQ=
content-length
240265
etag
"41d1fd286b65e11613867a6d92e3bf4eed450024"
x-amzn-trace-id
Root=1-661047ed-5076d3e92c5f7ec9728ddbfd;Parent=236f88f56e4fc482;Sampled=0;lineage=f49e0eff:0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000,public
x-amz-cf-id
bhh7W2BzhE7D3OjwnDV8EEJ7jFQ-grb2QIQhAtEBuTuk7ln1k1RowA==
x-amzn-remapped-date
Fri, 05 Apr 2024 18:50:21 GMT
expires
Sat, 05 Apr 2025 18:50:22 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39c8e9fc103593c7af1d3e080643253f73a41e92493cbfe8a2740e254afbf651

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d0666cc54c9bae901583205201bdde8b122457c8a02f1643409f34d7b356621

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.two70.com/api/v2/search/autocomplete-options/ 		193 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.two70.com/api/v2/search/autocomplete-options/
Requested by
Host: cdn.realgeeks.com
URL: https://cdn.realgeeks.com/static/CACHE/js/aa46e72af512.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.124.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-124-148.compute-1.amazonaws.com
Software
openresty/1.19.9.1 / Otter-Pops
Resource Hash
4e3fbc636aa4324b4f837f028f54ccb3240412d00402cf232fa30e7f6a1d7ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.two70.com/idaho-horse-property/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 14:54:45 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
Server
openresty/1.19.9.1
X-Powered-By
Otter-Pops
Transfer-Encoding
chunked
Vary
Cookie
Content-Type
application/json
X-Backend-Cache
HIT
X-UA-Device
wat?
Connection
keep-alive
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Requested by
Host: www.two70.com
URL: https://www.two70.com/idaho-horse-property/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2239919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18778
last-modified
Wed, 02 Aug 2023 21:01:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64cac444-495a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjQd2BN8F0FTXCZLOFMto00GgsjeDWhO6iQ9Q8WNhST7MKDlS8lEESTu8LzD9fKM8aszbA0vnXVrkouZFeiFIdpnusQzxdvC22IPHa4f1SYRjofgj95ilLub1vzRNSiFgcCY7cBO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8713182e28463834-FRA
expires
Sat, 29 Mar 2025 14:54:45 GMT
/
www.two70.com/live-chat/auth/ 		32 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.two70.com/live-chat/auth/
Requested by
Host: cdn.realgeeks.com
URL: https://cdn.realgeeks.com/static/CACHE/js/aa46e72af512.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.124.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-124-148.compute-1.amazonaws.com
Software
openresty/1.19.9.1 /
Resource Hash
bfd72d517cc18fbbee0f12febf5ccc307b176400affceb26d354e24c749f1743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.two70.com/idaho-horse-property/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 08 Apr 2024 14:54:45 GMT
Strict-Transport-Security
max-age=31536000; preload
Server
openresty/1.19.9.1
Transfer-Encoding
chunked
Vary
Cookie
Content-Type
application/json
X-UA-Device
wat?
Connection
keep-alive
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin
https://www.two70.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:54:45 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
323753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
109808
last-modified
Wed, 02 Aug 2023 21:01:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64cac444-1acf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANdQuEXEKZ6Z2%2BQnMpa4wV%2BXauanjaFVIWHZu%2FBBIVFDrwPyv5iN7rmktYt7qqkBkquRl6M9EdZO2z6zftbJk95qHSxseHDhVXNtpIVSLoOXTDFe7n8Tv36MOjAfgsqVbobeMSFU"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8713182e9a756907-FRA
expires
Sat, 29 Mar 2025 14:54:45 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin
https://www.two70.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:54:45 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1438764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150020
last-modified
Wed, 02 Aug 2023 21:01:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64cac444-24a04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRylztClTzwUk0SML%2F9foGv9%2BC8yDHJu7bhjcciXKi17pYIpYRJET04NWKa2PhnoQETeMQbS1b0w8Xu6vuSxAt0415ctRKdSenFQbNGqWDxOSfBKGHS9UGRri6n3X%2BrNfFJ3qlDW"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8713182e9a726907-FRA
expires
Sat, 29 Mar 2025 14:54:45 GMT
Favicon-02.png
u.realgeeks.media/two701/ 		742 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://u.realgeeks.media/two701/Favicon-02.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-68.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3f1b655c7b9a20b38ca5ad28666590cf557de80100c57752ad893e713e5581d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.two70.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NSBTFM6ZYKtFcr.NcNiWi9060CKvjaUK
date
Mon, 08 Apr 2024 00:53:30 GMT
via
1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 18:37:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
50476
etag
"615c243098070943909f5f5213aef50b"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
742
x-amz-cf-id
V_09AffNWzKA79pIw2tmRWKGDRxUQVN4RUBE6pB-fiSWej3jHhWCaw==

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| gtag object| gaGlobal string| placement string| background string| title string| description string| buttonlink string| buttontext string| buttoncolor object| headTag object| jqTag function| $ function| jQuery string| fotoramaVersion object| Foundation object| CoreUtils object| Box function| onImagesLoaded object| MediaQuery object| Motion object| Nest function| Timer object| Triggers function| Abide function| Accordion function| AccordionMenu function| Drilldown function| Dropdown function| DropdownMenu function| Equalizer function| Interchange function| Magellan function| OffCanvas function| Orbit function| ResponsiveMenu function| ResponsiveToggle function| Reveal function| Slider function| SmoothScroll function| Sticky function| Tabs function| Toggler function| Tooltip function| ResponsiveAccordionTabs object| default function| phoneinput function| picturefill function| Bloodhound object| realgeeks function| _ function| dependency_graph function| propphotos_fallback object| core object| __core-js_shared__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime

5 Cookies

Domain/Path Name / Value
.two70.com/ Name: _ga_G6YVB7Y1Q5
Value: GS1.1.1712588085.1.0.1712588085.0.0.0
.two70.com/ Name: _ga
Value: GA1.1.1439065476.1712588085
.two70.com/ Name: __rgtmz
Value: rgtmcsr=(direct)|rgtmcmd=(none)|rgtmccn=(direct)
.two70.com/ Name: __rgtmzses
Value: 1
www.two70.com/ Name: last_visit_time
Value: 1712588085

1 Console Messages

Source Level URL
Text
network error URL: https://www.two70.com/live-chat/auth/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.realgeeks.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
region1.google-analytics.com
t2.realgeeks.media
u.realgeeks.media
willytwitchell.com
www.googletagmanager.com
www.two70.com
104.17.24.14
18.173.154.97
18.66.192.45
18.66.192.68
2001:4860:4802:34::36
2001:4860:4802:36::15
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2008
2a04:4e42:200::649
52.54.124.148
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0d0666cc54c9bae901583205201bdde8b122457c8a02f1643409f34d7b356621
134d30ed9c825909dd32af40d469aaafedfe1b17447abee0ed6c43c7254d2a48
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e8290b2b2872a78538d86a98bac614056126862200712a27704cd0ba3a48408
268d09d85979a8c9da25c931b82b41c6e1a4b2c944e4b7a56530f323e441a634
330e22eae9d76902b3f95af604d0e7588bdd6be6ab9f7eebfa63aa69a113fbef
39c8e9fc103593c7af1d3e080643253f73a41e92493cbfe8a2740e254afbf651
47f8a8cd6af16d96b78cae75665c1a2b199200ed45371068410614e4558cc83f
4e3fbc636aa4324b4f837f028f54ccb3240412d00402cf232fa30e7f6a1d7ea9
54f23b5a49e34951270e11ffddf58b647ade6db480c6d664f57d13bf5a825a6f
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
b173ae2d79802f9ac746592be3b7b3f5f1f3a4b4f1b933e43e8dd9591ef35493
b3f1b655c7b9a20b38ca5ad28666590cf557de80100c57752ad893e713e5581d
bfd72d517cc18fbbee0f12febf5ccc307b176400affceb26d354e24c749f1743
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5b746857b4eaebe23a01d5975b2eb453909226eac57ce54a0c3def4b8d39165
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1