Submitted URL: https://mail.klikjpvip.info/
Effective URL: https://clickjp.foundation/register
Submission: On February 03 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3032::ac43:b8c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is clickjp.foundation.
TLS certificate: Issued by E1 on January 12th 2024. Valid for: 3 months.
This is the only time clickjp.foundation was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.185.226.131 46606 (UNIFIEDLA...)
1 47.246.24.211 24429 (TAOBAO Zh...)
1 203.107.86.226 37963 (ALIBABA-C...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... ()
27 6
Apex Domain
Subdomains
Transfer
14 clickjp.foundation
clickjp.foundation
390 KB
4 winwinwin168.net
lotteryfoapi.winwinwin168.net
4 KB
2 51.la
sdk.51.la — Cisco Umbrella Rank: 71106
collect-v6.51.la — Cisco Umbrella Rank: 73269
14 KB
1 klikjpvip.info
mail.klikjpvip.info
4 KB
27 4
Domain Requested by
14 clickjp.foundation mail.klikjpvip.info
clickjp.foundation
4 lotteryfoapi.winwinwin168.net clickjp.foundation
1 collect-v6.51.la sdk.51.la
1 sdk.51.la mail.klikjpvip.info
1 mail.klikjpvip.info
27 5

This site contains no links.

Subject Issuer Validity Valid
autodiscover.clickjp.xyz
R3
2024-02-01 -
2024-05-01
3 months crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020
2023-04-20 -
2024-05-21
a year crt.sh
clickjp.foundation
E1
2024-01-12 -
2024-04-11
3 months crt.sh
winwinwin168.net
E1
2024-01-15 -
2024-04-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://clickjp.foundation/register
Frame ID: ADD7B9EDF22EAFA4D319228E69D76D52
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Home

Page URL History Show full URLs

  1. https://mail.klikjpvip.info/ Page URL
  2. https://clickjp.foundation/register Page URL

Page Statistics

27
Requests

78 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

411 kB
Transfer

1317 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.klikjpvip.info/ Page URL
  2. https://clickjp.foundation/register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mail.klikjpvip.info/
11 KB
4 KB
Document
General
Full URL
https://mail.klikjpvip.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.226.131 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator3317.hostgator.com
Software
Apache /
Resource Hash
f4f352c087c9441f8e4dba6d5630e621169529e5e55422862e834bdd8c914cde

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3514
content-type
text/html
date
Sat, 03 Feb 2024 19:35:07 GMT
last-modified
Mon, 29 Jan 2024 22:42:19 GMT
server
Apache
vary
Accept-Encoding
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: mail.klikjpvip.info
URL: https://mail.klikjpvip.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.24.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.klikjpvip.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 07:54:47 GMT
content-encoding
gzip
via
cache35.l2us2[1477,1418,200-0,C], cache21.l2us2[1420,0], ens-cache2.us18[0,0,200-0,H], ens-cache17.us18[2,0]
x-oss-request-id
65BB4E47CC8CEC39371022D5
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
214819
x-swift-cachetime
1296000
x-cache
HIT TCP_MEM_HIT dirn:12:393382801
x-oss-cdn-auth
success
x-swift-savetime
Thu, 01 Feb 2024 07:54:48 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1706774088
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
2ff618a517069889073186245e
x-oss-server-time
22
collect
collect-v6.51.la/v6/
0
519 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.klikjpvip.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mail.klikjpvip.info
Date
Sat, 03 Feb 2024 19:35:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Primary Request register
clickjp.foundation/
3 KB
2 KB
Document
General
Full URL
https://clickjp.foundation/register
Requested by
Host: mail.klikjpvip.info
URL: https://mail.klikjpvip.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1597d23722c88249ef700e2c7abe890ae90f7256e78bd5de026e3fb8a53f744

Request headers

Referer
https://mail.klikjpvip.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84fd1d919b1fb3ef-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 03 Feb 2024 19:35:10 GMT
last-modified
Sat, 03 Feb 2024 19:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5DMJxkssZ7xa%2Fekp6MjwZnnyb9%2FrMOL5EtDED2EwewD4vMIcOo7eHS4Lp3a6bv5lTsp2W8YFOkPjKa9EnkxmzHT3aPIB7wd33ECMRwoeBuMw12z78Bz9QbiCKXHfpg0rfhWSI5scdUxlTS8F6IE3IM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
yellowblack.js
clickjp.foundation/lottery-template1/colors/
8 KB
3 KB
Script
General
Full URL
https://clickjp.foundation/lottery-template1/colors/yellowblack.js?ver=bd2b62a559a1df1f6f9e974caea1fb04576f7835
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4ec6547270d4b46037c44421b5e66748b8a94b94466f9ea332bc0018d28d81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 09:47:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jRt%2FYEhPW89nKPFQFSWm9eyOndO7ZW3t5btaw07WOJ%2FeqhCKB7QbNEoluvbckEJlRMiy6HwUdBddpbBCAkOZaRGx60%2FTDNpcQKRF0P8if%2B63G42RrMDIWwlu2HFkOncLS4fC0uuPN4BmoSR0CmUmg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d939e78b3ef-MIA
alt-svc
h3=":443"; ma=86400
expires
max
main.0604460b.js
clickjp.foundation/static/js/
865 KB
244 KB
Script
General
Full URL
https://clickjp.foundation/static/js/main.0604460b.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6ed9e66577ad815f33a87eee3b696c9dc8aa69e53fc7492671863be6715970

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCL8UGrlnBuan%2BSzb2BSKvLbVeZpknJef52WxqFfgtW7sY9RohAZPHSFcpmf4rfh1LEhyVcRruy7AQerLfDr0YM7l5TFdEwJgkRzZdhwkggQATu9NDFm3wiKqPVR%2FoJmpR7M305VxyqfHujKij4exjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d939e7ab3ef-MIA
alt-svc
h3=":443"; ma=86400
expires
max
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63c018907512d2dcc563caf1e0fff301f7bef8911ef4e96a23c18383efbf5580

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
6476.4495903d.chunk.js
clickjp.foundation/static/js/
6 KB
3 KB
Script
General
Full URL
https://clickjp.foundation/static/js/6476.4495903d.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a94d4a1aab8b67c5b49158438807b927871bda3f3fe2933d5a93659c608b5af4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdWnSkvbQUMXj%2F%2BnpwyMVpq8yRsJQ8BLnbmUyjiMuAA3kl8cNfQdsPWcVS7pHh5KJHH9jiJ319snFu65OUtwMYH2syIJkAEQtU0daf3y2BmqN7r0%2F9kV%2FJVhLwY%2BnKCMpHeyu5ykSYTyqTD0d0CnHvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d983a69741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
2913.1e51a324.chunk.js
clickjp.foundation/static/js/
67 KB
20 KB
Script
General
Full URL
https://clickjp.foundation/static/js/2913.1e51a324.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKnua5ympSF4OfnPFFsPpG1Y7iPYUs8R8riGTuk14i0CRs0OieutKDn0kQVskctTO1a%2BoKx104r1fSCiPn8WmGQa9WlXAfWjDpHCTVFx%2BQ4hHglf6eQMviCD1g84FnLZuK0sMiVKQsVvEYFIfh8Eqcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d983a6c741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
4221.53a7941b.chunk.js
clickjp.foundation/static/js/
62 KB
16 KB
Script
General
Full URL
https://clickjp.foundation/static/js/4221.53a7941b.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3eb1a718f814202591199531b79e4884f9b8e5ccc83c697b2fdce240bc21776

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3wv5zem9aZ3dCUucyd7ofiBTvcg4Jx1B5lVneDPhz7gu3Sg%2BQKctg5S4QOPJIGyvDUji77tmCIVvg2TP75TCF97feA6v0gEAx0UBdK3d%2Fl%2Fu8dfGsXaRm6zB84NOzZnUde1pPcc7k9Xb8Zk%2B0aovZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d983a6f741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
3125.4843728a.chunk.js
clickjp.foundation/static/js/
9 KB
4 KB
Script
General
Full URL
https://clickjp.foundation/static/js/3125.4843728a.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84b07636db71531c69cbeae03a63bf070f03d4e1aaf2a6332bd82215a75c415

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymX4QiGAuCZDKXA4PW13PALzzrqdsgdl5MLvgWwnL5aUAPOGo5CkvKVu47iGYe1u0QYXjba15QydfcHuS75onvkf3AAoppCuD8sRtU%2Bv0F1%2FFSfafHscWD2matYlLoHV9Z5UzAG%2B%2B6xiu%2FNjjR0O6DA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d983a71741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
4373.22b9a0fc.chunk.js
clickjp.foundation/static/js/
8 KB
3 KB
Script
General
Full URL
https://clickjp.foundation/static/js/4373.22b9a0fc.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
066730a782ac3395ae8b81f265f80758cd1708bd8fddb38b2eab37f16d5bd54e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB8lw0wZanB7wc5kCAIzAOYKSC2s1E2vsfrI5At%2F7Rn34Br8HxtG%2Frmq4fNLvc2HgRN1xGI2B%2BgVDG66tMasD54%2B6uh3pMp063aI7%2BsfWSJw8BOUCfVw0J1kF8Fb91Fm1%2FWhk0zy0y%2F2yWcswmUgBF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d983a72741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
4684.f4cc9190.chunk.css
clickjp.foundation/static/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://clickjp.foundation/static/css/4684.f4cc9190.chunk.css
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eae2d3cf3725bb73ab680c06728893f681a6069650f66d3417081c72fb95d48f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66I58KM33xo00ctDY3YI1QVhzFvb5vt22%2FzQBG0aR1WY%2F1gVVj4JdjasmfeDwfi59W22oji9IfaNtAatVLj4WA9xFYrtNj0QQIjPK8vpRy1SNVLX5wU4SH%2F0bUFHqSzyjbCYIFfJOtfQA6zlQJAQshY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d983a74741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
9296.979f605e.chunk.js
clickjp.foundation/static/js/
64 KB
26 KB
Script
General
Full URL
https://clickjp.foundation/static/js/9296.979f605e.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiprIn4esYTfT20vLLeKXQkvUiesK3jKZ1k4Re43zMKxTOkIreUwqVxA%2FRiO%2FcXdOTUXYG%2Bv2RnfwbIM%2Fi6lfq0s7EmMzzytINaMXARwnpnMXRf7Pot0hF0nNz%2FXWSVsjkagEgMV2Qcku7lVgFQtGA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d984a7f741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
6947.67dc8f7b.chunk.js
clickjp.foundation/static/js/
11 KB
4 KB
Script
General
Full URL
https://clickjp.foundation/static/js/6947.67dc8f7b.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548822a42c23a3f5dd2a6105adae7ae9a6135f7602495be4f1add3687016cb27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZSvYePlbRx3CajY%2FELpMyLzSeYnZCSiJQg9YMJckaOXhpDRulaQ3nAD%2BedqnGXnTfVU7gm%2BCItf3pezq8zbhn1e8axvgYz7a2IC8pPQ13x%2FiRm52QXOb174KC3YjQJZBgz%2FjyvwiGQ4WH8qbk37aQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d984a84741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
9026.56e7a042.chunk.js
clickjp.foundation/static/js/
26 KB
20 KB
Script
General
Full URL
https://clickjp.foundation/static/js/9026.56e7a042.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6fcf3c26b66cb3f3f135c4dd10f003dd80945d4f2b1f5ad85506d61b42ac74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtYCbDjifHR2A%2FZzKFdq5eapjHkIqS4P%2FE73cE2QgGSgmhIPOQR%2F45tDqQxEPP%2FvPg9DkDN0xW%2B0k5QNavLkcsOc5nxYzpo6HfYa4rRlvYkfwDzzbTFcFIatvz1ltT9WszS9EZDvBRggwds3OKLc8h0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d984a85741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
806.6521aa23.chunk.css
clickjp.foundation/static/css/
9 KB
5 KB
Stylesheet
General
Full URL
https://clickjp.foundation/static/css/806.6521aa23.chunk.css
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72ad69adaeb3dcaa4dc3cfc3ad0301b1b7b8a457d0fb636d77dc6cd1a97b927

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAcznjrK%2FXkbqz6lYrDvnyq5UFH5CRDVTck1MfS2e%2BPwZUSpJGQEx9pzVIFTg3yxTqOXxo8xLRe9HFU2Cjnc0RzGKRukGhbvQ3P5iupPILuyjElOPS2rf5qMgM63z%2B87CW6r7ms8VxgpL1a3Kv8sCuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d984a86741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
806.94d923ba.chunk.js
clickjp.foundation/static/js/
97 KB
37 KB
Script
General
Full URL
https://clickjp.foundation/static/js/806.94d923ba.chunk.js
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:b8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a4891e0b9fb0e921a2de5ac95ab2a871cef1be3ae675e244241491c120d0de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://clickjp.foundation/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Feb 2024 19:35:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 09:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rfmZ7OaCu%2FUgVes3c0OOgffnqp4fOG0z3234a6slGIoK%2FFBhBbu4aWZ1%2BRYnQusr29w5tqZw%2FMq%2Bz5%2FPrh7G%2BMZ6pAkJWgsY%2B%2BdPmUlncZRokK0vnnslc%2BG9ljgA4fMNJ56HJjJb7L36sMpmGSAl3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray
84fd1d984a87741d-MIA
alt-svc
h3=":443"; ma=86400
expires
max
metadata
lotteryfoapi.winwinwin168.net/apipub/
6 KB
1 KB
XHR
General
Full URL
https://lotteryfoapi.winwinwin168.net/apipub/metadata
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5cf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2d93e90057476c497d949222335ff23e1e42945affbcce0142421afd713688c4

Request headers

Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://clickjp.foundation/
accept-language
en-US,en;q=0.9
Fe-Version
bd2b62a559a1df1f6f9e974caea1fb04576f7835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
X-ACCOUNT-ID
1427522

Response headers

date
Sat, 03 Feb 2024 19:35:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp0lwb%2FBT0JcV3kwKA%2FB2G6X7MKY40Z9pEZ7oieGacYrzJi0uT4oz3JDVyV3hv71TLHGfTlqOCjeKQPmrQ1mrqQj2TbQAF94akLIMuWuBS6hAdtLK0wsGoqibBOO6Y6C9TvUnbTJEktqZtTBu9hsrqP2QaSI6WRTkcnxXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cf-ray
84fd1d9c7d09da01-MIA
alt-svc
h3=":443"; ma=86400
base
lotteryfoapi.winwinwin168.net/apipub/
12 KB
3 KB
XHR
General
Full URL
https://lotteryfoapi.winwinwin168.net/apipub/base
Requested by
Host: clickjp.foundation
URL: https://clickjp.foundation/static/js/main.0604460b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5cf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
af46181be5a2d48e5f0931fedfca43fe60da3e1c58f26e90e4c3fab28d3783d7

Request headers

Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://clickjp.foundation/
accept-language
en-US,en;q=0.9
Fe-Version
bd2b62a559a1df1f6f9e974caea1fb04576f7835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
X-ACCOUNT-ID
1427522

Response headers

date
Sat, 03 Feb 2024 19:35:12 GMT
content-encoding
br
cached-valid-util
Sun, 04 Feb 2024 02:35:16 SERVER_TZ
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pq8kNvJM8SbPUNRubv4gMqrwmFDggS%2FSvB6WNwaHsLzylq8VvvVlTKFL9RbHWyoSCFJcRYFptCnS0KFS0qUAxySvDQ%2FXgFpkTrKJRyYOUEex3AfCQFRA%2BMHDV%2F9c457nQ1m%2F%2BM0GLL5JOM6nBRxi4pxi8w%2F5jDwxd6gSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cf-ray
84fd1d9c5cf4da01-MIA
alt-svc
h3=":443"; ma=86400
cached
true
metadata
lotteryfoapi.winwinwin168.net/apipub/
0
0
Preflight
General
Full URL
https://lotteryfoapi.winwinwin168.net/apipub/metadata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5cf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fe-version,x-account-id
Access-Control-Request-Method
POST
Origin
https://clickjp.foundation
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
content-type,fe-version,x-account-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84fd1d98f925da01-MIA
date
Sat, 03 Feb 2024 19:35:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BIzQB4KV%2F8sZAp5UaiTs2fLJSkUrBJOxxCc69FXOdie1y%2F7LYOGYEaoEQqGsT5hl%2FN5qg9QKi76aRGb%2Be9pjOQJJlMwDm263Tl5afa6IWPocxb7kp60aZ6ESfjW7zdp1HwckH3mXj96fFZgmSt857ayKQciodI2bVT4DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
base
lotteryfoapi.winwinwin168.net/apipub/
0
0
Preflight
General
Full URL
https://lotteryfoapi.winwinwin168.net/apipub/base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5cf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,fe-version,x-account-id
Access-Control-Request-Method
POST
Origin
https://clickjp.foundation
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
content-type,fe-version,x-account-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84fd1d98f927da01-MIA
date
Sat, 03 Feb 2024 19:35:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErxDttAa7Mm6MiFGT%2FDkvIgBcDFRll6MWLdrrP5Kig%2FtPTKSt44il4iK7qUIqxE1DQmfhnCH6eYgZJ26moWS0c8%2FT0HBLRrqU8KX3QA98ib62%2F7YJ5OcS90py8H3GZAG9ekF98Sf9E%2BeG563z4MPPUhImBB4%2BYfOJkdCig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
5032.de916da7.chunk.js
clickjp.foundation/static/js/
0
0

7706.8a487395.chunk.js
clickjp.foundation/static/js/
0
0

6969.8b4b7491.chunk.js
clickjp.foundation/static/js/
0
0

8776.665f4ed0.chunk.js
clickjp.foundation/static/js/
0
0

script
lotteryfoapi.winwinwin168.net/apipub/
0
0

script
lotteryfoapi.winwinwin168.net/apipub/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clickjp.foundation
URL
https://clickjp.foundation/static/js/5032.de916da7.chunk.js
Domain
clickjp.foundation
URL
https://clickjp.foundation/static/js/7706.8a487395.chunk.js
Domain
clickjp.foundation
URL
https://clickjp.foundation/static/js/6969.8b4b7491.chunk.js
Domain
clickjp.foundation
URL
https://clickjp.foundation/static/js/8776.665f4ed0.chunk.js
Domain
lotteryfoapi.winwinwin168.net
URL
https://lotteryfoapi.winwinwin168.net/apipub/script
Domain
lotteryfoapi.winwinwin168.net
URL
https://lotteryfoapi.winwinwin168.net/apipub/script

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| firstBannerDesktop string| firstBannerMobile string| popupBanner object| colors object| process string| template string| accountId string| baseURL string| socketApiUrl string| testImg object| img number| supportWebp

4 Cookies

Domain/Path Name / Value
mail.klikjpvip.info/ Name: __vtins__K5EmlZeCVuHn9qa2
Value: %7B%22sid%22%3A%20%221ccb4423-15f6-5e21-83b5-17a5c927a54b%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201706990707424%2C%20%22ct%22%3A%201706988907424%7D
mail.klikjpvip.info/ Name: __51uvsct__K5EmlZeCVuHn9qa2
Value: 1
mail.klikjpvip.info/ Name: __51vcke__K5EmlZeCVuHn9qa2
Value: 90622815-cbdc-57d1-91a7-2e3d23f08892
mail.klikjpvip.info/ Name: __51vuft__K5EmlZeCVuHn9qa2
Value: 1706988907432

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clickjp.foundation
collect-v6.51.la
lotteryfoapi.winwinwin168.net
mail.klikjpvip.info
sdk.51.la
clickjp.foundation
lotteryfoapi.winwinwin168.net
192.185.226.131
203.107.86.226
2606:4700:3032::ac43:b8c3
2606:4700:3034::ac43:a5cf
47.246.24.211
066730a782ac3395ae8b81f265f80758cd1708bd8fddb38b2eab37f16d5bd54e
0a4ec6547270d4b46037c44421b5e66748b8a94b94466f9ea332bc0018d28d81
0b6ed9e66577ad815f33a87eee3b696c9dc8aa69e53fc7492671863be6715970
2d93e90057476c497d949222335ff23e1e42945affbcce0142421afd713688c4
548822a42c23a3f5dd2a6105adae7ae9a6135f7602495be4f1add3687016cb27
63c018907512d2dcc563caf1e0fff301f7bef8911ef4e96a23c18383efbf5580
8d6fcf3c26b66cb3f3f135c4dd10f003dd80945d4f2b1f5ad85506d61b42ac74
a84b07636db71531c69cbeae03a63bf070f03d4e1aaf2a6332bd82215a75c415
a94d4a1aab8b67c5b49158438807b927871bda3f3fe2933d5a93659c608b5af4
af46181be5a2d48e5f0931fedfca43fe60da3e1c58f26e90e4c3fab28d3783d7
b72ad69adaeb3dcaa4dc3cfc3ad0301b1b7b8a457d0fb636d77dc6cd1a97b927
c6a4891e0b9fb0e921a2de5ac95ab2a871cef1be3ae675e244241491c120d0de
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
d1597d23722c88249ef700e2c7abe890ae90f7256e78bd5de026e3fb8a53f744
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae2d3cf3725bb73ab680c06728893f681a6069650f66d3417081c72fb95d48f
f3eb1a718f814202591199531b79e4884f9b8e5ccc83c697b2fdce240bc21776
f4f352c087c9441f8e4dba6d5630e621169529e5e55422862e834bdd8c914cde