Submitted URL: http://inventureclientportal.com/
Effective URL: https://www.inventureclientportal.com/
Submission Tags: suspect
Submission: On October 24 via api from BR — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 20 HTTP transactions. The main IP is 35.152.119.144, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.inventureclientportal.com.
TLS certificate: Issued by R10 on October 23rd 2024. Valid for: 3 months.
This is the only time www.inventureclientportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 75.2.70.75 16509 (AMAZON-02)
1 35.152.119.144 16509 (AMAZON-02)
4 104.18.161.117 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 172.64.149.114 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.244.20.109 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
4 142.250.185.131 15169 (GOOGLE)
20 10
Apex Domain
Subdomains
Transfer
4 gstatic.com
fonts.gstatic.com
149 KB
4 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 7153
85 KB
4 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6168
385 KB
3 memberstack.com
static.memberstack.com — Cisco Umbrella Rank: 158724
client.memberstack.com — Cisco Umbrella Rank: 160733
120 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
9 KB
2 inventureclientportal.com
inventureclientportal.com
www.inventureclientportal.com
5 KB
1 jetboost.io
cdn.jetboost.io — Cisco Umbrella Rank: 45526
4 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
20 8
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
4 cdn.weglot.com www.inventureclientportal.com
cdn.weglot.com
4 cdn.prod.website-files.com www.inventureclientportal.com
2 client.memberstack.com static.memberstack.com
1 cdn.jetboost.io www.inventureclientportal.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.inventureclientportal.com
1 static.memberstack.com www.inventureclientportal.com
1 ajax.googleapis.com www.inventureclientportal.com
1 www.inventureclientportal.com
1 inventureclientportal.com 1 redirects
20 11

This site contains no links.

Subject Issuer Validity Valid
www.inventureclientportal.com
R10
2024-10-23 -
2025-01-21
3 months crt.sh
prod.website-files.com
WE1
2024-10-21 -
2025-01-19
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
cdn.weglot.com
WE1
2024-08-29 -
2024-11-27
3 months crt.sh
static.memberstack.com
Amazon RSA 2048 M02
2024-02-04 -
2025-03-05
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
memberstack.com
WE1
2024-10-12 -
2025-01-10
3 months crt.sh
cdn.jetboost.io
Amazon RSA 2048 M02
2024-03-20 -
2025-04-18
a year crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.inventureclientportal.com/
Frame ID: 63CCB3D392DA6EB2CFC36B7C2B4B59F1
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Client Portal

Page URL History Show full URLs

  1. http://inventureclientportal.com/ HTTP 307
    https://inventureclientportal.com/ HTTP 301
    https://www.inventureclientportal.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • memberstack\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

11
Subdomains

10
IPs

4
Countries

788 kB
Transfer

3264 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://inventureclientportal.com/ HTTP 307
    https://inventureclientportal.com/ HTTP 301
    https://www.inventureclientportal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.inventureclientportal.com/
Redirect Chain
  • http://inventureclientportal.com/
  • https://inventureclientportal.com/
  • https://www.inventureclientportal.com/
11 KB
5 KB
Document
General
Full URL
https://www.inventureclientportal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.152.119.144 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-152-119-144.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
85b58c018d2410b557eb84c7b8fdc25abcd64ee32eeb0ae2effad0ce5d2b86ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
8d7acae879134beb-MXP
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Thu, 24 Oct 2024 14:52:47 GMT
last-modified
Thu, 24 Oct 2024 14:52:47 GMT
strict-transport-security
max-age=31536000
surrogate-control
max-age=2147483647
surrogate-key
www.inventureclientportal.com 6659f031b515f5d60119e265 pageId:6659f032b515f5d60119e327
vary
Accept-Encoding
x-cluster-name
eu-south-1-prod-hosting-red
x-frame-options
SAMEORIGIN
x-lambda-id
bb5b254b-0679-40df-8c38-e7c69041fc6d

Redirect headers

content-length
166
content-type
text/html
date
Thu, 24 Oct 2024 14:52:46 GMT
location
https://www.inventureclientportal.com/
strict-transport-security
max-age=31536000
im-clientportal.webflow.f70607561.css
cdn.prod.website-files.com/6659f031b515f5d60119e265/css/
295 KB
44 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/6659f031b515f5d60119e265/css/im-clientportal.webflow.f70607561.css
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d8658a56d004b23c9b1a12e6b65f9d40f267af85fde2ad197e76e564a200e8

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"577ee2da39d59910beeae7a432bb001e"
x-amz-version-id
imshr4NpwMFOAqexqfwpAyGZfTzCnePs
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:52:47 GMT
content-type
text/css
last-modified
Thu, 24 Oct 2024 13:46:21 GMT
vary
Accept-Encoding
x-amz-id-2
4vqTl5/XIarMBaG1pxHRdudqHGtBOuRvGun1IW3AtHbo4xTnA+znRRMYjPwaBo2v5rwC3cvxWiL/97Ijf9l3jYlJt6NURji4i1DdszN8Bmg=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
CP4FFZDSJWRF3W24
cf-ray
8d7acaed8c4130e7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
43912
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
age
66151
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 20:30:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 20:30:16 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
weglot.min.js
cdn.weglot.com/
136 KB
47 KB
Script
General
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01269bff7ef5f891ca65851c040e33db891320db98e5ac17d4f7c68e2a854bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"dd6882754ad153d05113ddeec0557b0f"
age
168
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 15:22:47 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
PmEOZ1ZNVTE7kjxalFE0pekOJSO8qnc586r6CXHGYzsknelvJVcXTg==
date
Thu, 24 Oct 2024 14:52:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 23 Oct 2024 08:37:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cf-ray
8d7acaed8a1c361f-FRA
x-amz-cf-pop
FRA60-P4
server
cloudflare
memberstack.js
static.memberstack.com/scripts/v1/
522 KB
119 KB
Script
General
Full URL
https://static.memberstack.com/scripts/v1/memberstack.js
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5a00:1f:138b:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f2dbf9aa9d5cc805446e3da56655605dd876932d32060360e1db190506601f7

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

x-amz-cf-pop
FRA60-P4
cache-control
max-age=86400
content-encoding
gzip
etag
W/"28a8ce0492f99a183ef334afac315915"
age
33802
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ydLwpJd5hnT0DtrzMFZc_ayJjIeEHLq4jqS4iwoASWOiAWgtPtUfjw==
date
Thu, 24 Oct 2024 07:15:11 GMT
content-type
text/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Fri, 20 Sep 2024 19:46:16 GMT
x-amz-server-side-encryption
AES256
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6659f031b515f5d60119e265
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.inventureclientportal.com
Referer
https://www.inventureclientportal.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
51489
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
dK93_5bD5snB7bQBf7S167jcbffpOuAyvxYX0iuO28iCbZ0PrSN8mA==
date
Thu, 24 Oct 2024 00:34:39 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
Accept-Encoding
cache-control
max-age=84600, must-revalidate
via
1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P11
server
AmazonS3
webflow.f61aaed22.js
cdn.prod.website-files.com/6659f031b515f5d60119e265/js/
2 MB
333 KB
Script
General
Full URL
https://cdn.prod.website-files.com/6659f031b515f5d60119e265/js/webflow.f61aaed22.js
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd6f08d348c7c0c8e1ec1d68ba78bf4fac91cfceccff3ee6f154df18ad5f269

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"eefc930f9860971b962c90510e68c8ff"
x-amz-version-id
xJTlXUOme2SbcxXZc7QHDdz1p8D4.8IM
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:52:47 GMT
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 13:46:22 GMT
vary
Accept-Encoding
x-amz-id-2
9WNiQLjGZMkRNvaLrTvyETU1Ifh3QKLyEspBsrdSc493RXXILU7+qqmYHys2cp4MmwtRM+ksI/l1bB31gGZwysI4yHP5rNTzwhKq5DI5FxY=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
CP4E5CYGHDQQQCTG
cf-ray
8d7acaed8c4630e7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
339871
server
cloudflare
x-amz-server-side-encryption
AES256
app-member
client.memberstack.com/
0
0
Preflight
General
Full URL
https://client.memberstack.com/app-member?includeSSOText=undefined&trackPageView=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2952 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-app-id,x-user-agent
Access-Control-Request-Method
GET
Origin
https://www.inventureclientportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-app-id,x-user-agent
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.inventureclientportal.com
access-control-expose-headers
ms-mid
cf-cache-status
DYNAMIC
cf-ray
8d7acaf00b88a01c-FRA
cross-origin-resource-policy
same-origin
date
Thu, 24 Oct 2024 14:52:48 GMT
origin-agent-cluster
?1
ratelimit-limit
200
ratelimit-policy
200;w=30
ratelimit-remaining
199
ratelimit-reset
30
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
css
fonts.googleapis.com/
70 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:regular%7CNunito+Sans:regular,600,800,italic,600italic,800italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c4864ba7a2e40d0a77452bc3ecf04ceb9d35f88b1b47475663f2278972c1b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 14:52:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 14:52:47 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
473a0c329d494e94c662fb469ec9d93d0.json
cdn.weglot.com/projects-settings/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.weglot.com/projects-settings/473a0c329d494e94c662fb469ec9d93d0.json
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4436864546e123315f5cefaf2b7d1260c498045fe445f8b49637a250eaeb4f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2d93e8f55e5d99530b2e037fc2124199"
x-amz-version-id
null
age
79726
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 14:53:47 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
2u0J8XbeNMDDgDiTFMLIF43XVRCa2fGVlFvAWZHflzNfQlaj9eXgVg==
date
Thu, 24 Oct 2024 14:52:47 GMT
content-type
application/json
last-modified
Wed, 23 Oct 2024 13:41:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=60
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
cf-ray
8d7acaefa84bbb53-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
cloudflare
app-member
client.memberstack.com/
2 KB
1 KB
XHR
General
Full URL
https://client.memberstack.com/app-member?includeSSOText=undefined&trackPageView=true
Requested by
Host: static.memberstack.com
URL: https://static.memberstack.com/scripts/v1/memberstack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2952 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de96fb35ab7277d62ceeec2725905e9e569c6d26afab15e474af1a1e449b32b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-APP-ID
app_clypu8f6700ba0svqfzyu9bje
X-User-Agent
@memberstack/client@1.2.0
Referer
https://www.inventureclientportal.com/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Accept
application/json, text/plain, */*

Response headers

x-robots-tag
noindex, nofollow
access-control-expose-headers
ms-mid
ratelimit-policy
200;w=30
ratelimit-remaining
198
cf-cache-status
DYNAMIC
etag
W/"876-wssDZo9Lmf85GSWf3VEOaTKmYKw"
ratelimit-reset
30
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
content-encoding
br
date
Thu, 24 Oct 2024 14:52:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800; includeSubDomains
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
ratelimit-limit
200
referrer-policy
no-referrer
x-download-options
noopen
access-control-allow-credentials
true
cf-ray
8d7acaf2bda8dca1-FRA
access-control-allow-origin
https://www.inventureclientportal.com
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
jetboost.js
cdn.jetboost.io/
12 KB
4 KB
Script
General
Full URL
https://cdn.jetboost.io/jetboost.js
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9c00:1d:7a82:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"90f20e8472ce5be54d6aec168f3aa8cd"
age
27316
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
InMtZpatFK3GdFIDd8g4BombCR3rnH0fuEtTZZo00zZPe2qn_XbhVA==
date
Thu, 24 Oct 2024 07:26:02 GMT
content-type
text/javascript
last-modified
Tue, 10 Sep 2024 22:20:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
667968d42fe3acde5846a4bc_IM%20logo-p-500.png
cdn.prod.website-files.com/6659f031b515f5d60119e265/
7 KB
7 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6659f031b515f5d60119e265/667968d42fe3acde5846a4bc_IM%20logo-p-500.png
Requested by
Host: www.inventureclientportal.com
URL: https://www.inventureclientportal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eed174793837bca8f2bb85e16010fd779a3e86a4cbe574d1a50dcf64b4004a9

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

cf-cache-status
EXPIRED
etag
"f35bf155f06bf5536b0abedd0e4190b7"
x-amz-version-id
SI3nvbB0k6Ea9j1vDB5Ds7KOo7I4r2if
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:52:48 GMT
content-type
image/png
last-modified
Mon, 24 Jun 2024 12:38:50 GMT
vary
Accept-Encoding
x-amz-id-2
9O9hdZ7lyKQsEPi4Iqqp51WE336ylBC3pzsGeI43omOyR1IUU7utvaGGndrmVwQHPHFcDSTK4kvUp0QI7TIR7O63jVNNFzQu6qwlD2iOCFc=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5H9Q67AVSYDW469P
cf-ray
8d7acaefcf0f30e7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6992
server
cloudflare
x-amz-server-side-encryption
AES256
weglot.min.css
cdn.weglot.com/
28 KB
5 KB
Stylesheet
General
Full URL
https://cdn.weglot.com/weglot.min.css?v=8
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfde3ff6e84e9f937c3304e9bddfec2b7dc2a367545928b2108b36ca6915f09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"02fcb0153b60756b26b45300877868bf"
age
75480
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 14:52:48 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
UZwp7XmX-MCrKC9P33sXY4NJg6y6A_0sToRFJ6E4HL1Lo1Qlg2HPTQ==
date
Thu, 24 Oct 2024 14:52:48 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 23 Oct 2024 08:37:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cf-ray
8d7acaf00ce1361f-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
cloudflare
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:regular%7CNunito+Sans:regular,600,800,italic,600italic,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.inventureclientportal.com
Referer
https://fonts.googleapis.com/

Response headers

age
166757
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:33:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:33:31 GMT
last-modified
Thu, 27 Apr 2023 01:15:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
31040
x-xss-protection
0
server
sffe
toggle.2473f99c1025aad4c76482ffe44f0d5dc3ff4b5e.min.js
cdn.weglot.com/switchers/
90 KB
32 KB
Script
General
Full URL
https://cdn.weglot.com/switchers/toggle.2473f99c1025aad4c76482ffe44f0d5dc3ff4b5e.min.js
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.114 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f65a8157295c1d47dff3126c8598a2decf887187e927df4dfe8cd14cfc36a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"99819ca8be35483874cfbdc87fcca5c4"
age
2019083
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 14:52:48 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
DAU6iZJyU6B9W3aiO1kiygHaBM-O-4320uKSMuIC1AuRgWWQcitybA==
date
Thu, 24 Oct 2024 14:52:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Sep 2024 14:10:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
cf-ray
8d7acaf0ad87361f-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:regular%7CNunito+Sans:regular,600,800,italic,600italic,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.inventureclientportal.com
Referer
https://fonts.googleapis.com/

Response headers

age
196803
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 08:12:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 08:12:45 GMT
last-modified
Thu, 14 Dec 2023 02:05:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
43068
x-xss-protection
0
server
sffe
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2
fonts.gstatic.com/s/opensans/v40/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:regular%7CNunito+Sans:regular,600,800,italic,600italic,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
9e8183706fae7c080194a7564a8deac0499870c416851a7b4c5a2a46629151b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.inventureclientportal.com
Referer
https://fonts.googleapis.com/

Response headers

age
196772
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 08:13:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 08:13:16 GMT
last-modified
Thu, 14 Dec 2023 02:00:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45036
x-xss-protection
0
server
sffe
pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLZx3lE4.woff2
fonts.gstatic.com/s/nunitosans/v15/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t2FQWEAEOvV9wNvrwlNstMKW3Y6K5WMwd-laLZx3lE4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNunito+Sans:regular%7CNunito+Sans:regular,600,800,italic,600italic,800italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
6fa7bd9c6fa88424c4447ed83af706b1ddf2635f42911c7387c9c157b243469c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://www.inventureclientportal.com
Referer
https://fonts.googleapis.com/

Response headers

age
167003
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:29:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:29:25 GMT
last-modified
Thu, 27 Apr 2023 01:24:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33052
x-xss-protection
0
server
sffe
667adec1235d6c360b12bdd6_favicon-32x32.png
cdn.prod.website-files.com/6659f031b515f5d60119e265/
1005 B
1 KB
Other
General
Full URL
https://cdn.prod.website-files.com/6659f031b515f5d60119e265/667adec1235d6c360b12bdd6_favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95de329134560f9d8f60869b1edae8eb7a9813f243060ad05a031fc58c0b6784

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://www.inventureclientportal.com/

Response headers

cf-cache-status
EXPIRED
etag
"1f18830f5a32feb512e3d4c037a10a2d"
x-amz-version-id
rB._eOGAcdTz6rhHFaFOpKBmgXCi3upY
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 14:52:48 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 15:14:11 GMT
vary
Accept-Encoding
x-amz-id-2
KeA7m3esI1DaEsAK9jQvebbw3cAjCfUB30ho5jGXi3jX5qv9WgeL4Wg0RnnRycYJnOMFtFPxZTQ=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5H9VQ4C6QXY82TSZ
cf-ray
8d7acaf178ec30e7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1005
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont object| Weglot function| _hcaptchaReady object| $memberstackDom function| $msChannelEvents boolean| $memberstackReady string| JETBOOST_SITE_ID function| $ function| jQuery function| tram object| Webflow function| JetboostBootstrap object| Jetboost

1 Cookies

Domain/Path Name / Value
.prod.website-files.com/ Name: __cf_bm
Value: WLMSC1wr.5bGqRlnNx17k93HKfL2lTwDJdr06SNX144-1729781567-1.0.1.1-mhJFn4YkFYIjFJ.xw4DY8jKLhHk9.XPcSBbQB4KKBKjJBEereABlgmxjbsYqhw4CHX3TeJtLP17DpRweHhUOSA

2 Console Messages

Source Level URL
Text
rendering error URL: https://www.inventureclientportal.com/(Line 228)
Message:
Error: <svg> attribute height: Expected length, "auto".
recommendation verbose URL: https://www.inventureclientportal.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jetboost.io
cdn.prod.website-files.com
cdn.weglot.com
client.memberstack.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
inventureclientportal.com
static.memberstack.com
www.inventureclientportal.com
104.18.161.117
142.250.185.131
172.64.149.114
18.244.20.109
2600:9000:223e:9c00:1d:7a82:2900:93a1
2600:9000:225e:5a00:1f:138b:ce40:93a1
2606:4700:10::ac43:2952
2a00:1450:4001:80e::200a
2a00:1450:4001:82a::200a
35.152.119.144
75.2.70.75
01269bff7ef5f891ca65851c040e33db891320db98e5ac17d4f7c68e2a854bf5
0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
0de96fb35ab7277d62ceeec2725905e9e569c6d26afab15e474af1a1e449b32b
11d8658a56d004b23c9b1a12e6b65f9d40f267af85fde2ad197e76e564a200e8
1f2dbf9aa9d5cc805446e3da56655605dd876932d32060360e1db190506601f7
3eed174793837bca8f2bb85e16010fd779a3e86a4cbe574d1a50dcf64b4004a9
5bd6f08d348c7c0c8e1ec1d68ba78bf4fac91cfceccff3ee6f154df18ad5f269
6fa7bd9c6fa88424c4447ed83af706b1ddf2635f42911c7387c9c157b243469c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
85b58c018d2410b557eb84c7b8fdc25abcd64ee32eeb0ae2effad0ce5d2b86ac
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
95de329134560f9d8f60869b1edae8eb7a9813f243060ad05a031fc58c0b6784
96f65a8157295c1d47dff3126c8598a2decf887187e927df4dfe8cd14cfc36a0
9c4864ba7a2e40d0a77452bc3ecf04ceb9d35f88b1b47475663f2278972c1b3a
9e8183706fae7c080194a7564a8deac0499870c416851a7b4c5a2a46629151b4
a4436864546e123315f5cefaf2b7d1260c498045fe445f8b49637a250eaeb4f0
cfde3ff6e84e9f937c3304e9bddfec2b7dc2a367545928b2108b36ca6915f09b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d