Overview

URL tcyd029.com/html/xywxgz66149.html
IP104.223.149.132
ASNAS46573 Global Frag Networks
Location United States
Report completed2018-10-11 14:25:04 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-10-11 14:24:33 CEST 1  104.223.149.132 Client IP ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
2018-10-11 14:24:35 CEST 1  104.223.149.132 Client IP ET TROJAN RAMNIT.A M1
2018-10-11 14:24:33 CEST 1  104.223.149.132 Client IP ET TROJAN PE EXE or DLL Windows file download Text
2018-10-11 14:24:33 CEST 1  104.223.149.132 Client IP ET TROJAN RAMNIT.A M2


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-10-11 2 tcyd029.com/yesads.js Malware
2018-10-11 2 tcyd029.com/html/xywxgz66149.html Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.223.149.132

Date UQ / IDS / BL URL IP
2019-02-19 12:33:33 +0100
0 - 0 - 1 tcyd029.com/html/jyxxyjs..zxdtsxu52840.html 104.223.149.132
2019-02-17 10:49:29 +0100
0 - 0 - 1 tcyd029.com/html/jyxxyjs..pmfwxx45427.html 104.223.149.132
2019-02-17 05:35:43 +0100
0 - 0 - 1 tcyd029.com/html/dwgz..tzggindex.html 104.223.149.132
2019-01-18 18:48:41 +0100
0 - 0 - 2 tcyd029.com/html/tzgg..pmfwxx45428.html 104.223.149.132
2019-01-03 23:33:36 +0100
0 - 4 - 2 tcyd029.com/html/dwgzindex1.html 104.223.149.132
2018-12-28 06:27:55 +0100
0 - 4 - 2 tcyd029.com/html/hqfc..pmfwxx45427.html 104.223.149.132
2018-12-27 09:54:08 +0100
0 - 0 - 2 tcyd029.com/html/zxdtsxu..pmfwxx48287.html 104.223.149.132
2018-12-27 09:32:14 +0100
0 - 4 - 2 tcyd029.com/html/tzgg82171.html 104.223.149.132
2018-12-19 20:37:16 +0100
0 - 0 - 2 tcyd029.com/html/hqfwzljg..pmfwxx45399.html 104.223.149.132
2018-12-18 23:14:20 +0100
0 - 0 - 2 tcyd029.com/html/pmfwxx45427.html 104.223.149.132

Last 10 reports on ASN: AS46573 Global Frag Networks

Date UQ / IDS / BL URL IP
2019-06-10 18:25:41 +0200
0 - 0 - 1 lcxunjie.cn/html/hdxzxstd86190.html 107.179.119.78
2019-06-10 18:25:19 +0200
0 - 0 - 1 sdvmj.cn/html/info345....xbjjxbjj.html 107.179.119.158
2019-06-10 18:25:02 +0200
0 - 0 - 1 jxylmuye.cn/html/bmgkjgsz.html 107.179.119.198
2019-06-10 18:24:57 +0200
0 - 0 - 1 phyxgs.com.cn/html/zsjz14252847496.html 107.179.119.182
2019-06-10 17:50:47 +0200
0 - 0 - 1 lylhf.com.cn/html/jiuyebaozhanghezuodanwei201 (...) 107.179.119.197
2019-06-10 17:50:45 +0200
0 - 0 - 1 jensmay.cn/html/.tztg201611....hysqk.html 107.179.119.216
2019-06-10 17:50:11 +0200
0 - 0 - 1 lyjiuhua136.cn/html/hyzx7641.html 107.179.119.198
2019-06-10 17:49:34 +0200
0 - 0 - 1 jinaotanye.com.cn/htmlzt2016bkhpc_hashaymnR1.html 107.179.119.16
2019-06-10 17:49:17 +0200
0 - 0 - 2 lczhggwz.com.cn/xzzxxwbgzl.html 107.179.119.77
2019-06-10 17:48:36 +0200
0 - 0 - 2 lczhggwz.com.cn/html/jxsw234404.html 107.179.119.77

Last 10 reports on domain: tcyd029.com

Date UQ / IDS / BL URL IP
2019-06-10 18:25:50 +0200
0 - 0 - 2 tcyd029.com/html/tpxw..hqwhindex.html 104.203.223.31
2019-06-09 13:48:00 +0200
0 - 0 - 2 tcyd029.com/html/hqwh..zfgl123index.html 104.203.223.31
2019-06-09 13:48:00 +0200
0 - 0 - 2 tcyd029.com/html/hqfwzljg..pmfwxx48285.html 104.203.223.31
2019-06-09 13:47:56 +0200
0 - 0 - 2 tcyd029.com/html/hqfwzljg..hqwhindex.html 104.203.223.31
2019-06-09 13:47:27 +0200
0 - 0 - 2 tcyd029.com/html/tzgg..pmfwxx45399.html 104.203.223.31
2019-05-04 21:37:06 +0200
0 - 0 - 2 tcyd029.com/html/yjts34793.html 85.208.116.31
2019-05-04 20:58:04 +0200
0 - 0 - 2 tcyd029.com/html/wjxzindex1.html 85.208.116.31
2019-04-26 10:04:39 +0200
0 - 0 - 2 tcyd029.com/html/tzgg..pmfwxx45428.html 85.208.116.31
2019-04-25 12:24:48 +0200
0 - 0 - 2 tcyd029.com/html/jyxxyjs..pmfwxx48287.html 85.208.116.31
2019-04-23 21:03:39 +0200
0 - 0 - 2 tcyd029.com/html/tzgg..pmfwxx45399.html 85.208.116.31


JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 87, repeated: 1) - SHA256: a72b285b9287c1181927cd290a6f6c08d519ebc6754bc9f04fce904ca106945e

                                        < script src = 'https://s95.b9823852351323h.com/by/dz.js'
type = 'text/javascript' > < /script>
                                    


HTTP Transactions (13)


Request Response
                                        
                                            GET /yesads.js HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/html/xywxgz66149.html

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 106
Last-Modified: Thu, 13 Apr 2017 15:53:11 GMT
Accept-Ranges: bytes
Etag: "5e876bd6eb4d21:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:34 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   106
Md5:    17a8754edf85068082f8b1ac1519d80e
Sha1:   33a9c0cccfe3d299c1ebb6d77fc4e0097b35f5a9
Sha256: 85965e1cee169e6ea1129285cafdd3c90f4e7b046207290c9ad9bc51bc58afdf

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/csswucss.css HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/html/xywxgz66149.html

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 19131
Last-Modified: Thu, 01 Dec 2016 03:32:25 GMT
Accept-Ranges: bytes
Etag: "d64b289834bd21:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:34 GMT


--- Additional Info ---
Magic:  ISO-8859 text, with very long lines, with CRLF line terminators
Size:   19131
Md5:    7aad1fad759eb951128ed1893584b540
Sha1:   4b4c642216351803ef75f54333e193ee44236d7d
Sha256: 5b296867315dcbff1b09b96279e955e340d10b2e3f745c9f777d3f9994a449ea
                                        
                                            GET /images/xywxgzcsswucss.css HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/html/xywxgz66149.html

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 19131
Last-Modified: Sat, 03 Dec 2016 07:20:28 GMT
Accept-Ranges: bytes
Etag: "62d738b9354dd21:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:34 GMT


--- Additional Info ---
Magic:  ISO-8859 text, with very long lines, with CRLF line terminators
Size:   19131
Md5:    7aad1fad759eb951128ed1893584b540
Sha1:   4b4c642216351803ef75f54333e193ee44236d7d
Sha256: 5b296867315dcbff1b09b96279e955e340d10b2e3f745c9f777d3f9994a449ea
                                        
                                            GET /html/xywxgz66149.html HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 113772
Last-Modified: Sat, 04 Aug 2018 08:26:06 GMT
Accept-Ranges: bytes
Etag: "0a3d3c9cc2bd41:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:33 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   113772
Md5:    e67d571189deabf1e299568cb5b78889
Sha1:   214f6b0a91b4c6337bde78edc118a8e6d02ddc93
Sha256: 033d220f51eee371a53bcc6c7695cc785c824f836530909389b0da583b22e0d7

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS DRIVEBY EXE Embeded in Page Likely Evil M1
    - ET TROJAN RAMNIT.A M1
    - ET TROJAN PE EXE or DLL Windows file download Text
    - ET TROJAN RAMNIT.A M2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Fri, 05 Oct 2018 14:28:29 GMT
Etag: 23FB1BBE064ECAB24D97EFF43349F76497C7BA2B
X-OCSP-Responder-ID: rmdccaocsp27
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=93242
Expires: Fri, 12 Oct 2018 14:18:35 GMT
Date: Thu, 11 Oct 2018 12:24:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    55f32288a888de0d83ed8f0e5ca2a225
Sha1:   23fb1bbe064ecab24d97eff43349f76497c7ba2b
Sha256: 37acd704e14bc2fba37a0305ac9d0b3a77aabab941561b7a8068985941048e2f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 08 Oct 2018 09:27:34 GMT
Etag: 96CAB35BEB3E9D5CDA87713907CE20DD84A9A9D3
X-OCSP-Responder-ID: rmdccaocsp20
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=334340
Expires: Mon, 15 Oct 2018 09:16:53 GMT
Date: Thu, 11 Oct 2018 12:24:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    48ec56c49763fb783e2d3e8cb7020557
Sha1:   96cab35beb3e9d5cda87713907ce20dd84a9a9d3
Sha256: 80d008301ac25c61f529df8faf1657c03f5766f77d996e455b5983158fb3dec1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 08 Oct 2018 09:27:34 GMT
Etag: 090C34B232998ED0CB442389A283D60A7212687C
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=334428
Expires: Mon, 15 Oct 2018 09:18:21 GMT
Date: Thu, 11 Oct 2018 12:24:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    918e7ad6efba9cd193ede3de6438f9b1
Sha1:   090c34b232998ed0cb442389a283d60a7212687c
Sha256: ff1641777dd048546458ac7b135f68cda235fd5d2e4dc8b9cb1c9bfa51ef30ec
                                        
                                            GET /by/dz.js HTTP/1.1 
Host: s95.b9823852351323h.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/html/xywxgz66149.html

                                         
                                         45.65.46.3
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Apache
Date: Thu, 11 Oct 2018 14:20:05 GMT
Content-Length: 599
Connection: keep-alive
Keep-Alive: timeout=60


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   599
Md5:    c2ed9805bc995784490ec8f22f34bce4
Sha1:   688e7dafd7cf0e1cc8ef724a06f6e0743dec300e
Sha256: 9f6057044c7d7a9bc1822c867358eee574dc261f2c0c13c8a850c25ffbca3e1c
                                        
                                            GET /images/img1.gif HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/images/xywxgzcsswucss.css

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 330
Last-Modified: Thu, 01 Dec 2016 03:32:14 GMT
Accept-Ranges: bytes
Etag: "10115082834bd21:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:35 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 14 x 15
Size:   330
Md5:    3c3a231ec81519f5d5539e742418b01c
Sha1:   7cd431ad27f56cd312a39b992ccfb802bccefb52
Sha256: 5f4a155021581d9c208aab00fadffc10785888253265fb2f55bf5fa2e13d8d40
                                        
                                            GET /images/imgtop.jpg HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/images/xywxgzcsswucss.css

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 42766
Last-Modified: Thu, 01 Dec 2016 03:32:14 GMT
Accept-Ranges: bytes
Etag: "fa3a1982834bd21:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:35 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   42766
Md5:    6c222e5079e42d4d7d3b3d61e04fe4bb
Sha1:   b6cca50e449b3c79e6e308770c0598c5696b3b66
Sha256: 0f44f9dc348779acf9e53692ae8d507c3d4c8db7d06932b1b018bd2df2866f51
                                        
                                            GET /images/imgbj.jpg HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tcyd029.com/images/xywxgzcsswucss.css

                                         
                                         104.223.149.132
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 11667
Last-Modified: Thu, 01 Dec 2016 03:32:13 GMT
Accept-Ranges: bytes
Etag: "8a2e081834bd21:106e0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:35 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   11667
Md5:    77e747e7a58a1a542f9526365040f4ba
Sha1:   4965a649f7ccafcdab915bfd70c9e6791e5aab26
Sha256: 61349a58a0b9069146cf29e2976628a0e1001a1897f346822c34330b9e59843f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.223.149.132
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:36 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: tcyd029.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.223.149.132
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Content-Length: 1308
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 11 Oct 2018 12:24:39 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1308
Md5:    2923b250a3660c034aa7831d5e6d7f3c
Sha1:   646f109012bac000fe1bc58f40d112f77483f22a
Sha256: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075