portal.manulife.ca
Open in
urlscan Pro
104.111.248.156
Public Scan
Submission: On January 18 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on December 23rd 2020. Valid for: a year.
This is the only time portal.manulife.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 20 | 104.111.248.156 104.111.248.156 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a02:26f0:10c... 2a02:26f0:10c:59b::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 54.228.36.34 54.228.36.34 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.195.204.60 54.195.204.60 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 54.194.191.134 54.194.191.134 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 15.237.136.106 15.237.136.106 | 16509 (AMAZON-02) (AMAZON-02) | |
32 | 7 |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-156.deploy.static.akamaitechnologies.com
portal.manulife.ca | |
grsmembers.manulife.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-36-34.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-204-60.eu-west-1.compute.amazonaws.com
manulife.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
manulifefinancial.sc.omtrdc.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
manulife.com
1 redirects
grsmembers.manulife.com |
179 KB |
10 |
manulife.ca
portal.manulife.ca |
897 KB |
4 |
gstatic.com
fonts.gstatic.com |
124 KB |
3 |
demdex.net
dpm.demdex.net manulife.demdex.net |
3 KB |
3 |
adobedtm.com
assets.adobedtm.com |
75 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
omtrdc.net
manulifefinancial.sc.omtrdc.net |
395 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
32 | 8 |
Domain | Requested by | |
---|---|---|
10 | grsmembers.manulife.com |
1 redirects
portal.manulife.ca
|
10 | portal.manulife.ca |
portal.manulife.ca
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | assets.adobedtm.com |
portal.manulife.ca
assets.adobedtm.com |
2 | dpm.demdex.net |
assets.adobedtm.com
|
2 | fonts.googleapis.com |
portal.manulife.ca
|
1 | manulifefinancial.sc.omtrdc.net | |
1 | cm.everesttech.net | 1 redirects |
1 | manulife.demdex.net |
assets.adobedtm.com
|
32 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.manulife.ca |
wwwec7.manulife.com |
www.manulife.com |
itunes.apple.com |
play.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
manulife.com Sectigo RSA Organization Validation Secure Server CA |
2020-12-23 - 2021-12-23 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA |
2019-10-22 - 2021-10-01 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://portal.manulife.ca/apps/groupretirement/login?lang=en&scid=eml-ext_grs-slx-statement_201912
Frame ID: 61D041CACBE6C490D4AEA2C6D7E872DC
Requests: 31 HTTP requests in this frame
Frame:
https://manulife.demdex.net/dest5.html?d_nsid=0
Frame ID: CF68B6D71BE9C83C5EAA6C03C5389013
Requests: 1 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Title: For you
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Group Benefits
Search URL Search Domain Scan URL
Title: terms of site usageopen_in_new
Search URL Search Domain Scan URL
Title: Download on the App Store
Search URL Search Domain Scan URL
Title: .cls-1,.cls-11,.cls-3,.cls-4{fill:#fff;}.cls-1{fill-opacity:0;}.cls-2{fill:#a6a6a6;}.cls-3{stroke:#fff;stroke-miterlimit:10;stroke-width:0.2px;}.cls-5{fill:url(#linear-gradient);}.cls-6{fill:url(#linear-gradient-2);}.cls-7{fill:url(#linear-gradient-3);}.cls-8{fill:url(#linear-gradient-4);}.cls-9{opacity:0.2;}.cls-10,.cls-11,.cls-9{isolation:isolate;}.cls-10{opacity:0.12;}.cls-11{opacity:0.25;}Get it on Google Play
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://cm.everesttech.net/cm/dd?d_uuid=28350506923545261582642751696151195332 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAWtPAAAAGQhsCJ1
- https://grsmembers.manulife.com/wps/wcm/connect/b3fec0df-e1e6-4418-b24a-6127d42bec13/GRS_MarketingImage_Desktop_410px354px.jpg?MOD=AJPERES&CACHEID=b3fec0df-e1e6-4418-b24a-6127d42bec13 HTTP 301
- https://grsmembers.manulife.com/wps/wcm/connect/grsmembers/b3fec0df-e1e6-4418-b24a-6127d42bec13/GRS_MarketingImage_Desktop_410px354px.jpg?MOD=AJPERES&CACHEID=b3fec0df-e1e6-4418-b24a-6127d42bec13
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
login
portal.manulife.ca/apps/groupretirement/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
574 B 839 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 764 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.6c56f067.js
portal.manulife.ca/apps/groupretirement/static/js/ |
970 KB 268 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
478a4cb952dti225caae9d66521deb893
portal.manulife.ca/utils/ |
70 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hide-pass-word.7ed96f0b.svg
portal.manulife.ca/apps/groupretirement/static/media/ |
834 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gr_commonlogin_desktop
grsmembers.manulife.com/wps/wcm/connect/grsmembers/grs-englishlibrary/grs/members/sa-sharedcontent/ |
576 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SA-ScheduledSystemDown
grsmembers.manulife.com/wps/wcm/connect/grsmembers/GRS-EnglishLibrary/GRS/Members/ |
43 B 900 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SA-ScheduledSystemDown
grsmembers.manulife.com/wps/wcm/connect/grsmembers/GRS-EnglishLibrary/GRS/Members/ |
43 B 900 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-EN8e890101c30d4c51832770ac2d0e3376.min.js
assets.adobedtm.com/ |
211 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.50fc6291.jpg
portal.manulife.ca/apps/groupretirement/static/media/ |
603 KB 604 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v70/ |
96 KB 97 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
478a4cb952dti225caae9d66521deb893
portal.manulife.ca/utils/ |
17 B 826 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
manulife.demdex.net/ Frame CF68 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YAWtPAAAAGQhsCJ1
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s54904121909165
manulifefinancial.sc.omtrdc.net/b/ss/manugrs/1/JS-2.22.0-LAWA/ |
43 B 395 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gr_commonlogin_desktop
grsmembers.manulife.com/wps/wcm/connect/grsmembers/grs-frenchlibrary/grs/members/sa-sharedcontent/ |
659 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
postLogs
portal.manulife.ca/apps/groupretirement/login/api/ |
0 685 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
478a4cb952dti225caae9d66521deb893
portal.manulife.ca/utils/ |
17 B 804 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
478a4cb952dti225caae9d66521deb893
portal.manulife.ca/utils/ |
17 B 800 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gr_commonlogin_tablet
grsmembers.manulife.com/wps/wcm/connect/grsmembers/grs-englishlibrary/grs/members/sa-sharedcontent/ |
576 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gr_commonlogin_tablet
grsmembers.manulife.com/wps/wcm/connect/grsmembers/grs-frenchlibrary/grs/members/sa-sharedcontent/ |
558 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
postLogs
portal.manulife.ca/apps/groupretirement/login/api/ |
0 685 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gr_commonlogin_mobile
grsmembers.manulife.com/wps/wcm/connect/grsmembers/grs-englishlibrary/grs/members/sa-sharedcontent/ |
575 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gr_commonlogin_mobile
grsmembers.manulife.com/wps/wcm/connect/grsmembers/grs-frenchlibrary/grs/members/sa-sharedcontent/ |
659 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRS_MarketingImage_Desktop_410px354px.jpg
grsmembers.manulife.com/wps/wcm/connect/grsmembers/b3fec0df-e1e6-4418-b24a-6127d42bec13/ Redirect Chain
|
168 KB 169 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache function| JSEncrypt object| _cf object| _ac object| bmak string| _sd_trace function| op object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| s_i_manugrs3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.manulife.ca/ | Name: AMCV_37B127E253DB11F10A490D4E%40AdobeOrg Value: 870038026%7CMCIDTS%7C18646%7CvVersion%7C5.0.0 |
|
.manulife.ca/ | Name: _abck Value: A25E2308267FB31B89A3D4A7F7D4AB8A~-1~YAAQJrsQAmF4fg13AQAAK7EsFgWGwu8tdtv7Af0/aZQ8766X4kxLkjmNtij1yI8G4iB0e+7vDJHfFcvfU9UhtSz0fvvkaUejInQ3AEXnAygj43jdDPt8CLakK9xHItJMFBZmQSksjeB54LGNBWYhIvZ/vrJL8zG/nJYji7X1A+3LhT1GDdPixCfFBzQgLQmQP9yinOoV2A/bcX4K0yZ0dHlivcUe3cYC2PSYgDl3cx2ypqFzvhK0Oc8LrJ2Y3DP228mVXPeBuzWjygh28zJHpi0RAJxsEdBny9EdsX0Gf8OsyCVB1ra39PVw+Q==~-1~-1~-1 |
|
.manulife.ca/ | Name: bm_sz Value: 384E1B852B2875F1B7EDB7B52C7846E9~YAAQJrsQAmB4fg13AQAAK7EsFgqjhQbAUM+XFOhnAzrvzptyzAYmKG+6qmRLeVDhueAzOtjD5aOdKfVN6tSUE5V3W44jMrdAEeCr0HHpCx0sOcbtBRhmhvhWuqwl1ehoSyOngdo9rQnB8Y6NlB6RsjwQWsW4vwj1Hfn41Td7yAUFd4Bij4Dh+Rx9q4bVg0UyFg== |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'none' |
Strict-Transport-Security | max-age=31536000; |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
grsmembers.manulife.com
manulife.demdex.net
manulifefinancial.sc.omtrdc.net
portal.manulife.ca
104.111.248.156
15.237.136.106
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a02:26f0:10c:59b::1e80
54.194.191.134
54.195.204.60
54.228.36.34
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0d07308b55fe4547ebaa9e9a0bc6b98b168e924eca438dea165e929427f64a02
138f7e511b27ede82de02a0532f95beffb21fb385e6d456ece339a40872ced53
1e85b3fd6058aa98076e3f64b4b72c5fcbe97f069c38e8ecdb3e97007316bd24
225db22c5e8b8cbe1813876af6dc425f07db1191a3f323cb4e9501a35b93ee5c
282df071ddaa9724157082a6011807f72586ca84a76db47cc9e2a76a67f5f7b2
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e
3eef31c39b5479ce7f4730435af733113b5d3c2d3e648aba1f67b72ed53e4005
47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956
4c9fb95a990a6d1c08feb85a19f6622cc8d9b2f1fb2a5bad1643bb35bd5f82fa
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57005a3b1b09ee1ce5771ca3ec55c234e51abc85fd3cef404910d17736482710
5d8275c2f89e75e57a55649d7c07baf27fd93dd8a3991b9e06405500244f97a8
5e0ebdd90989f4eff64f66a294c894a888047085f1e1eaeadeba4a45c097758c
62a1764bc6116e22c060913c0780d29895eede3c31c8072d3c0f305ab5b012f9
637b39684338b180e57e2d9c631cea65a378b8a735a56019a2b52ec2c7043b22
7fccfcf1374ad87b2a9dbdd1cedb90494ab8f978b994de63dfca0dd131e7645d
9822f8e0d1560424ed701cebd04b8ea3bcf474107dee162aa380b04c87693531
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629