myplan.johnhancock.com
Open in
urlscan Pro
23.45.106.148
Public Scan
Submitted URL: https://ww4.johnhancock.com/ODkzLU9QSy0yODkAAAGWFqzBexuAJCDRX2CD-YzhCpd8TT9vR-iW3wH-yVMQVHfX3d7OTDcWinmBQRgliHVlTDr4nrc=
Effective URL: https://myplan.johnhancock.com/login?mkt_tok=ODkzLU9QSy0yODkAAAGWFqzBeyw2wvOS_ZjRO04mzFAZRGtYNHCpZhHq-2bAkx6W4jkhcmOcDmT_EoD0w9...
Submission: On October 11 via manual from IN — Scanned from DE
Effective URL: https://myplan.johnhancock.com/login?mkt_tok=ODkzLU9QSy0yODkAAAGWFqzBeyw2wvOS_ZjRO04mzFAZRGtYNHCpZhHq-2bAkx6W4jkhcmOcDmT_EoD0w9...
Submission: On October 11 via manual from IN — Scanned from DE
Summary
This website contacted 11 IPs
in 5 countries
across 10 domains to perform 51 HTTP transactions.
The main IP is 23.45.106.148, located in
Frankfurt am Main, Germany and
belongs to AKAMAI-AS, US.
The main domain is myplan.johnhancock.com.
The Cisco Umbrella rank of the primary domain is 152193.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 3rd 2024. Valid for: a year.
This is the only time myplan.johnhancock.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 3rd 2024. Valid for: a year.
This is the only time myplan.johnhancock.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 104.17.71.206 104.17.71.206 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 36 | 23.45.106.148 23.45.106.148 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 2606:4700:303... 2606:4700:3036::6815:1b98 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 5 | 2a02:26f0:11a... 2a02:26f0:11a:19d::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 3 | 52.19.118.55 52.19.118.55 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 130.61.120.2 130.61.120.2 | 31898 (ORACLE-BM...) (ORACLE-BMC-31898) | |
| 1 1 | 34.255.61.41 34.255.61.41 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2602:816:5001... 2602:816:5001::39 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:802::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 162.247.243.29 162.247.243.29 | 54113 (FASTLY) (FASTLY) | |
| 1 | 63.140.62.17 63.140.62.17 | 16509 (AMAZON-02) (AMAZON-02) | |
| 51 | 11 |
36
23.45.106.148
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-45-106-148.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-45-106-148.deploy.static.akamaitechnologies.com
| myplan.johnhancock.com |
3
52.19.118.55
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-118-55.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-118-55.eu-west-1.compute.amazonaws.com
| dpm.demdex.net | |
| johnhancockfinancialservices.demdex.net |
1
130.61.120.2
(Frankfurt am Main, Germany)
ASN31898 (ORACLE-BMC-31898, US)
ASN31898 (ORACLE-BMC-31898, US)
| collection.decibelinsight.net |
1
34.255.61.41
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-61-41.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-61-41.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
2a00:1450:4001:802::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
63.140.62.17
(United States)
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net
| johnhancockfinancialservices.sc.omtrdc.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 37 |
johnhancock.com
ww4.johnhancock.com — Cisco Umbrella Rank: 498129 myplan.johnhancock.com — Cisco Umbrella Rank: 152193 |
1 MB |
| 5 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430 |
93 KB |
| 3 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243 johnhancockfinancialservices.demdex.net — Cisco Umbrella Rank: 192301 |
2 KB |
| 1 |
omtrdc.net
johnhancockfinancialservices.sc.omtrdc.net — Cisco Umbrella Rank: 154055 |
772 B |
| 1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 245 |
579 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
97 KB |
| 1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 592 |
15 KB |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1371 |
490 B |
| 1 |
decibelinsight.net
collection.decibelinsight.net — Cisco Umbrella Rank: 9364 |
7 KB |
| 1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222 |
13 KB |
| 51 | 10 |
| Domain | Requested by | |
|---|---|---|
| 36 | myplan.johnhancock.com |
ww4.johnhancock.com
myplan.johnhancock.com |
| 5 | assets.adobedtm.com |
myplan.johnhancock.com
assets.adobedtm.com |
| 2 | dpm.demdex.net |
myplan.johnhancock.com
|
| 1 | johnhancockfinancialservices.sc.omtrdc.net |
myplan.johnhancock.com
|
| 1 | bam.nr-data.net |
js-agent.newrelic.com
|
| 1 | www.googletagmanager.com |
assets.adobedtm.com
|
| 1 | js-agent.newrelic.com |
myplan.johnhancock.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | johnhancockfinancialservices.demdex.net |
assets.adobedtm.com
|
| 1 | collection.decibelinsight.net |
myplan.johnhancock.com
|
| 1 | use.fontawesome.com |
myplan.johnhancock.com
|
| 1 | ww4.johnhancock.com | |
| 51 | 12 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| retirement.johnhancock.com |
| players.brightcove.net |
| bcove.video |
| www.johnhancock.com |
| www.facebook.com |
| twitter.com |
| www.linkedin.com |
| www.instagram.com |
| www.jhnavigator.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| ww4.johnhancock.com Cloudflare Inc ECC CA-3 |
2024-02-02 - 2024-12-31 |
a year | crt.sh |
| johnhancock.com Sectigo RSA Organization Validation Secure Server CA |
2024-09-03 - 2025-09-03 |
a year | crt.sh |
| use.fontawesome.com WE1 |
2024-09-09 - 2024-12-09 |
3 months | crt.sh |
| assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-09 - 2025-08-09 |
a year | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-09-25 - 2025-10-26 |
a year | crt.sh |
| *.decibelinsight.net RapidSSL TLS RSA CA G1 |
2023-11-28 - 2024-11-27 |
a year | crt.sh |
| js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-03-21 - 2025-04-22 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-09-24 - 2024-12-17 |
3 months | crt.sh |
| *.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-12 - 2025-08-12 |
a year | crt.sh |
| *.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-07 - 2025-03-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://myplan.johnhancock.com/login?mkt_tok=ODkzLU9QSy0yODkAAAGWFqzBeyw2wvOS_ZjRO04mzFAZRGtYNHCpZhHq-2bAkx6W4jkhcmOcDmT_EoD0w9c1AwtBdv8TDF3fYjdvFvdXvy7e89TK6uluOkjfKcPhs40
Frame ID: 0B3DAFD0E5CA9192FCBBBAF79CBDA960
Requests: 52 HTTP requests in this frame
Frame:
https://johnhancockfinancialservices.demdex.net/dest5.html?d_nsid=0
Frame ID: A93F5AE5AB47BD5D4875B6584B4A9B62
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Log in to your John Hancock retirement accountPage URL History Show full URLs
- https://ww4.johnhancock.com/ODkzLU9QSy0yODkAAAGWFqzBexuAJCDRX2CD-YzhCpd8TT9vR-iW3wH-yVMQVHfX3d7OTDcWinmB... Page URL
- https://myplan.johnhancock.com/login?mkt_tok=ODkzLU9QSy0yODkAAAGWFqzBeyw2wvOS_ZjRO04mzFAZRGtYNHCpZhHq-2bAkx... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Akamai Bot Manager
(Security)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
URL: https://retirement.johnhancock.com/us/en/participant/participant-app
Title: Stay connected in English or Spanish on John Hancock’s retirement app
Title: Stay connected in English or Spanish on John Hancock’s retirement app
Search URL Search Domain Scan URL
URL: https://players.brightcove.net/407527529001/default_default/index.html?videoId=6247290397001
Title: Welcome to your retirement plan website!
Title: Welcome to your retirement plan website!
Search URL Search Domain Scan URL
URL: https://retirement.johnhancock.com/us/en/participant/webinars.html
Title: Register for a webinar
Title: Register for a webinar
Search URL Search Domain Scan URL
URL: https://retirement.johnhancock.com/bin/jhi-rps/seismic/render?documentName=FAQ-Participant-Site-Phone-System-Update.pdf
Title: FAQ
Title: FAQ
Search URL Search Domain Scan URL
URL: https://retirement.johnhancock.com/bin/jhi-rps/seismic/redirect?documentName=jh-participant-web-security-flyer.pdf
Title: Keep safe online
Title: Keep safe online
Search URL Search Domain Scan URL
URL: https://bcove.video/2wU9TGg
Title: Leaving your employer?
Title: Leaving your employer?
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/who-we-are.html
Title: Who we are
Title: Who we are
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/citizenship.html
Title: Why we do it
Title: Why we do it
Search URL Search Domain Scan URL
URL: https://retirement.johnhancock.com/bin/jhi-rps/seismic/redirect?documentName=jh-lifetime-income-illustration-coming-soon-dc-plans-flyer.pdf
Title: Lifetime income illustration
Title: Lifetime income illustration
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/about-us/news.html
Search URL Search Domain Scan URL
URL: https://www.facebook.com/johnhancock
Search URL Search Domain Scan URL
URL: https://twitter.com/johnhancockusa?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/john-hancock
Search URL Search Domain Scan URL
URL: https://www.instagram.com/johnhancockusa/?hl=en
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/legal.html
Title: LEGAL
Title: LEGAL
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/privacysecurity.html
Title: PRIVACY
Title: PRIVACY
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/accessibility.html
Title: ACCESSIBILITY
Title: ACCESSIBILITY
Search URL Search Domain Scan URL
URL: http://www.jhnavigator.com/com/jhrps/navigator/catalog/svcGetItemFile.cfm?itemVersionID=7291&externalID=43
Title: ACCOUNT SECURITY
Title: ACCOUNT SECURITY
Search URL Search Domain Scan URL
URL: https://www.johnhancock.com/individual.html
Title: CORPORATE WEBSITE
Title: CORPORATE WEBSITE
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ww4.johnhancock.com/ODkzLU9QSy0yODkAAAGWFqzBexuAJCDRX2CD-YzhCpd8TT9vR-iW3wH-yVMQVHfX3d7OTDcWinmBQRgliHVlTDr4nrc= Page URL
- https://myplan.johnhancock.com/login?mkt_tok=ODkzLU9QSy0yODkAAAGWFqzBeyw2wvOS_ZjRO04mzFAZRGtYNHCpZhHq-2bAkx6W4jkhcmOcDmT_EoD0w9c1AwtBdv8TDF3fYjdvFvdXvy7e89TK6uluOkjfKcPhs40 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 42- https://cm.everesttech.net/cm/dd?d_uuid=65807354715821382951554542384443421354 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zwkj5gAAAMaxFwO-
51 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
ODkzLU9QSy0yODkAAAGWFqzBexuAJCDRX2CD-YzhCpd8TT9vR-iW3wH-yVMQVHfX3d7OTDcWinmBQRgliHVlTDr4nrc=
ww4.johnhancock.com/ |
525 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
myplan.johnhancock.com/ |
53 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap4_1_3.min.css
myplan.johnhancock.com/Css/ |
138 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Style.css
myplan.johnhancock.com/Css/ |
50 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
upe.css
myplan.johnhancock.com/Css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
myplan.johnhancock.com/Scripts/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hashtable.js
myplan.johnhancock.com/Scripts/ |
13 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rsa.js
myplan.johnhancock.com/Scripts/ |
56 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.min.js
myplan.johnhancock.com/Scripts/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.unobtrusive.js
myplan.johnhancock.com/Scripts/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
myplan.johnhancock.com/Scripts/ |
50 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dtm.js
myplan.johnhancock.com/Scripts/ |
771 B 611 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
myplan.johnhancock.com/fonts/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
68654372
myplan.johnhancock.com/akam/13/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Left%20Hand%20Images.png
myplan.johnhancock.com/Img/CustomLogin/ |
118 KB 118 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Black_logo.png
myplan.johnhancock.com/Img/CustomLogin/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Right%20Hand%20Images.png
myplan.johnhancock.com/Img/CustomLogin/ |
107 KB 107 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MobileApp2.ashx
myplan.johnhancock.com/-/media/UPEUA/ |
184 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Enrollment.ashx
myplan.johnhancock.com/-/media/UPEUA/ |
105 KB 105 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
23703-tile-276x274-welcome-to-your-retirement-website.ashx
myplan.johnhancock.com/-/media/UPEUA/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Contact%20Us.png
myplan.johnhancock.com/Img/CustomLogin/ |
524 B 745 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
News.png
myplan.johnhancock.com/Img/CustomLogin/ |
839 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Facebook.png
myplan.johnhancock.com/Img/CustomLogin/ |
422 B 642 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Twitter.png
myplan.johnhancock.com/Img/CustomLogin/ |
793 B 1014 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Linkedin.png
myplan.johnhancock.com/Img/CustomLogin/ |
471 B 692 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Instagram.png
myplan.johnhancock.com/Img/CustomLogin/ |
587 B 808 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jh-signature-white.svg
myplan.johnhancock.com/Img/CustomLogin/ |
9 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTeHcB
myplan.johnhancock.com/rxT3eS/53/rh/hrWs/QGyfrF6Gpz/G7uGwQVQwSbG/WTAXAg/aExuBy/ |
300 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
use.fontawesome.com/releases/v5.7.0/css/ |
53 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-EN87fc0302002640dfb05c0ca314d251cb.min.js
assets.adobedtm.com/ |
265 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ManulifeJHSans-Light.woff
myplan.johnhancock.com/fonts/CustomLogin/ |
82 KB 82 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ManulifeJHSerif-Italic.woff
myplan.johnhancock.com/fonts/CustomLogin/ |
100 KB 100 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
myplan.johnhancock.com/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ManulifeJHSans-Demibold.woff
myplan.johnhancock.com/fonts/CustomLogin/ |
69 KB 70 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ManulifeJHSans-Regular.woff
myplan.johnhancock.com/fonts//CustomLogin/ |
81 KB 81 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ManulifeJHSans-Bold.woff
myplan.johnhancock.com/fonts/CustomLogin/ |
76 KB 76 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
JTeHcB
myplan.johnhancock.com/rxT3eS/53/rh/hrWs/QGyfrF6Gpz/G7uGwQVQwSbG/WTAXAg/aExuBy/ |
18 B 731 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
dpm.demdex.net/ |
615 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
25 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.json
collection.decibelinsight.net/i/13929/311589/ |
16 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
johnhancockfinancialservices.demdex.net/ Frame A93F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=411&dpuuid=Zwkj5gAAAMaxFwO-
dpm.demdex.net/ Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nr-1216.min.js
js-agent.newrelic.com/ |
38 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC0ddc78e280f645f78448fb467ec70685-source.min.js
assets.adobedtm.com/122318bb3e34/07b0bf5e9653/dba38ada7f91/ |
564 B 602 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
myplan.johnhancock.com/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
281 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2e7ea17242
bam.nr-data.net/1/ |
79 B 579 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
s07725202487796
johnhancockfinancialservices.sc.omtrdc.net/b/ss/jhfswamjhreupeprod/10/JS-2.22.0-LDQM/ |
346 B 772 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pixel_68654372
myplan.johnhancock.com/akam/13/ |
0 580 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
84 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| NREUM object| newrelic function| __nr_require function| $ function| jQuery function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity object| bootstrap object| script function| addtag string| bazadebezolkohpepadr function| PreAuthenticate function| showModal object| _cf object| bmak string| _sdTrace object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer number| _dataLayerOverwriteMonitor function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq object| s object| _da_ string| urhehlevkedkilrobacf object| plugin string| t object| s_i_jhfswamjhreupeprod function| gtag24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .decibelinsight.net/i/13929/ | Name: da_lid Value: -1809448E98F6EA13989ABB99E42F8624F0|0|0|0 |
|
| .decibelinsight.net/i/13929/ | Name: da_sid Value: 2B3A77BD8CB6AE880DCBAA13A62DCC2F43.1|3|0|3 |
|
| .ww4.johnhancock.com/ | Name: __cf_bm Value: yP_Y3ISWUZ_lIK.DVtpkV94PrDeYacjPIievkC_j7qk-1728652260-1.0.1.1-EObhblx3IHheNhUPPMrUIfP4J2l7mzREmIG9hoJrpScNDerDSixli70F7u_TNyuEzZ.0Z2BS6nU9d1n_Gx9Ocg |
|
| myplan.johnhancock.com/ | Name: s_upe Value: y0jfvzjesrlo0smwem3v1oce |
|
| myplan.johnhancock.com/ | Name: SC_ANALYTICS_GLOBAL_COOKIE Value: b3f84a983eca439f91f9f14995d798dd|False |
|
| myplan.johnhancock.com/ | Name: RefreshFilter Value: https://myplan.johnhancock.com:9443/login?mkt_tok=ODkzLU9QSy0yODkAAAGWFqzBeyw2wvOS_ZjRO04mzFAZRGtYNHCpZhHq-2bAkx6W4jkhcmOcDmT_EoD0w9c1AwtBdv8TDF3fYjdvFvdXvy7e89TK6uluOkjfKcPhs40 |
|
| myplan.johnhancock.com/ | Name: __RequestVerificationToken Value: LhhWVSBrEJhIgb4BkraKIo3p9-ArtgPZnWU4Rmj3rI2Deejl-1N8HC-QxIvrBgHEOvwNT_yYC15EYnD0Tz9kmTY4xW9z0yaeM_tUUJQHqgY1 |
|
| .johnhancock.com/ | Name: bm_sz Value: 75EEC0253C9C8A434E4CBC2B5DAFA3FA~YAAQFShDF4Yrum+SAQAAFzu0exmpZUA50kS9AWlfcQEpWvr0AiD78owyy7o/vR3kHcPxTki1buQhxSoGclQA0fonPEljWO+H8NIsANFS2NifhJVOUOIRuamY59LPSRktbMz12XVi4GIcgSSJ6MEMqBCxMCv57PF4HOlvD2nuX6XMUC+4SGzSJDBSP5vVeHLB2QIQR6Dr8EoDzDV60Bih7RtBmeXpirFKk9qROYHglvnzipU69N+5iEpLdTSljxGxhawaMDK+REXHAn2N7e1ry2Qwuvo48IuTO5jAhyCM8jCKjfZiOl/0xjHUqEUBiHmLbP9a4oSfgq9L5ux0Zay2OQ5zKbwE6JKTbM7bYEvutYIzfUs3LpOq7zEpCb6kS8HL2qdGi1lrEdngHP7wRQChWP1Oww==~4404281~4471109 |
|
| .demdex.net/ | Name: demdex Value: 65807354715821382951554542384443421354 |
|
| .johnhancock.com/ | Name: AMCVS_369B27E253DB0DB20A490D4E%40AdobeOrg Value: 1 |
|
| .demdex.net/ | Name: dextp Value: 771-1-1728652262902 |
|
| .dpm.demdex.net/ | Name: dpm Value: 65807354715821382951554542384443421354 |
|
| .johnhancock.com/ | Name: AMCV_369B27E253DB0DB20A490D4E%40AdobeOrg Value: -637568504%7CMCIDTS%7C20008%7CMCMID%7C65827753162621983131556863666534097204%7CMCAAMLH-1729257062%7C6%7CMCAAMB-1729257062%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1728659462s%7CNONE%7CMCSYNCSOP%7C411-20015%7CvVersion%7C5.1.1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnF3DDt-oSgR7D2Jk10sWxW6LUm4KX2QwIRJsklAzM8RvmO4EQEF8mYjS-cqFQ |
|
| .johnhancock.com/ | Name: _abck Value: BB2C795B4F613544AD5FB9672264D42F~0~YAAQFShDF88rum+SAQAAez60ewzZ2WsNoBeFJ139SUCGjNkNkFYzooLUIkwCO5Voq+wtISgMqpqP7XWq6qaHGy9Lf+/AEuzTE20Nwli/Dk5E2s/xiMiFe+PHxufK7yvAr5CldHNvl/SNlePk3m2WMz0SioO5PuZitW65paXFES0tIVocYtVl2K+Niu1jZ2XHw8Kmct9G/GnvM5hvrxAKt087gbPA1xTa2iy9QhjJgiCUQNg2aJVrYvzOBkt9Ouc8/ljS/vB7LMqfyHhSi8qUD3+iolbC6V90Efj08+xTpek3F871g9cHgTgvEgcp8MpJSMph3LN8TzcW3iP4mxpuY0I5lvlX/FpxGSgpR6/H8ZRRGvbU2hjd+zOl4OVwhuTp+ETLDh3jpFbAzCIK3S5eVfu29ar3Etyo/XlTn+V++GniYR1X717JDDUznlbbpLxlKWhOLjmykcE+Osajzg==~-1~||0||~-1 |
|
| .johnhancock.com/ | Name: s_ppn Value: MLN%3ALog%20in%20to%20your%20John%20Hancock%20retirement%20account |
|
| .johnhancock.com/ | Name: s_purl Value: https%3A%2F%2Fmyplan.johnhancock.com%2Flogin%3Fmkt_tok%3Dodkzlu9qsy0yodkaaagwfqzbeyw2wvos_zjro04mzfazrgtynhcpzhhq-2bakx6w4jkhcmocdmt_eod0w9c1awtbdv8tdf3fyjdvfvdxvy7e89tk6uluokjfkcphs40 |
|
| .johnhancock.com/ | Name: s_getNewRepeat Value: 1728652263112-New |
|
| .johnhancock.com/ | Name: s_tslv Value: 1728652263112 |
|
| .johnhancock.com/ | Name: s_tp Value: 2353 |
|
| .johnhancock.com/ | Name: s_ppv Value: MLN%253ALog%2520in%2520to%2520your%2520John%2520Hancock%2520retirement%2520account%2C51%2C51%2C1200 |
|
| .johnhancock.com/ | Name: s_cc Value: true |
|
| .johnhancock.com/ | Name: ak_bmsc Value: 9F443A43F8A787DC89074008620C80B6~000000000000000000000000000000~YAAQFShDF+orum+SAQAAAkC0exmlNKLa6gZRNC+7pU3I7zA+745DlKRl/2C+e199q35fH6aICgl9vgD1RpFoaVVjSNJYOR1cQ8BN5hHHhXfrbppIwnZFaqtgaaFh7BfExgAQeN9NSi/bSjFIkz+kVC8SRHBNOkICwpipQ45sBpimZSbvbLN6a29Ph5MzG7eQFRfguGLJhdef6gu7siQ4xB0QgiRZnoxrBj/44PRxBTAfZIOUf/LHhawL3TJ6acrJK11dNkMobs7z+UiyTTDuRcyRKm3Ca+ihgZ5gCJhOUIoXPRUa3HOfE8IfmB9jkfRReYBZzljwmQmAzX9203SnRx7FauRX3xA46yJHs5A88kYUVmUL1u6Mm5nwuKVPLje+t4ETyp+ttOWZgie+07YllStitEPrSmw7wOglaWUx1+tnJn1Mdg6AvYu3tT9PBLb9F3v3q/ueK1URH4tCM2RjTyBQ |
|
| .nr-data.net/ | Name: JSESSIONID Value: dd858956fd6a692e |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'self'; img-src 'self';script-src 'self' 'sha256-ZPm5Y5Ei5JGr0drvoleI6ugpoHh216jGvea3vxvy390=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self' |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
bam.nr-data.net
cm.everesttech.net
collection.decibelinsight.net
dpm.demdex.net
johnhancockfinancialservices.demdex.net
johnhancockfinancialservices.sc.omtrdc.net
js-agent.newrelic.com
myplan.johnhancock.com
use.fontawesome.com
ww4.johnhancock.com
www.googletagmanager.com
104.17.71.206
130.61.120.2
162.247.243.29
23.45.106.148
2602:816:5001::39
2606:4700:3036::6815:1b98
2a00:1450:4001:802::2008
2a02:26f0:11a:19d::1e80
34.255.61.41
52.19.118.55
63.140.62.17
01a4b53af5445454c7f2cb98d5ca258a428971d963acc7c3a2a5828d3f6685f2
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
04dd2f94ba01e93fea75924c6be1be5802af821710d08e7f9ce23b8ae0233aea
0c549333b1e218087a18cf344ac318b2c3ce60601cde4035397ff93390f1c6ad
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b55ea3f9abda1af99e2bc79e4235bb613a3418a369524cf77e31f4fa972c055
2c65b63d21b064d07d89c8d1f0410c8ca52675a9d9d2d6de42434e757018fe42
315f990d42d02599ac94356d12b20d43d0b8f689850fa2329b19418b934305bd
428e08e8f1979ba52fc73ccb5d388271555db162eb54baf3beae0af892f7b7b1
43ef3f49eea628610bdb8a632e6d4f2517c83a56fd7b88ec51fc948cad81d1e0
4a12e378f6ed8cd5fa37e90ce6610cf622508ee1f2c088388995128041c8d3e4
62274ff0b173f16da779fead7763f1942f8213ff70089797c39b523dec04791e
63b37057b34adbe8cae942aad5df48ee1b3f626de439f2f5ece58ec4fdb3a527
6ae5f24abcd72a48ed3876f263f7a6c7a4272bc6933dafa05e4344cfd66f4a34
6e22fa5565c98afa69f54fe314414f0a4050a1e2232861e01333802299320475
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8ef832cc6ab9f6898d7d4261e654395fc43f0ea5266cfa6bf923de5788ead8d4
904181b4b5c6e48a154b889b61da07597859420c49069c7111c3eb49de05670b
92c9f9d308163f46b49d447c6536a4ee62f5d33080c668c7bfb603eb2f4c0ebc
a00c2d1e8c4b0a26fbe7031e17a10b1e8c92ca1993e7182579fa1237344e0d32
a0160b92e79068350b59ae8ccf51b95ea7edaa895eac56b51ecc8890d27d4c59
aac4a6531f0036745ee53925b7c9136f87f2a752f5b5f5ce7fbcb913283f9e0a
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c2eb6003676d025d64446223272578f95c40c8f143860169bf3dd431b12d30f5
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c9ffa8a658b9bae4c9aeb0d9e7e5b47180c7b4cb5bfcb692169077f87052ac31
d0bd6658f9da18b0a473ae5be1df45fda351d7921b85decefdae6f7f58f9e1bb
d3e31901086d0f83441e6b7443e1e72e5c049555127a6e9d4f1433d8adb87005
d4cef5bb0b69f83cb280e426c5eaa44f1d42c17839f8c5eeb1b9f49d9e45d980
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d5f2525220b7475d066b1584e84e1cd53135627e8b72f24a382cd40cc4f5c42d
d5fd99965f899ee113ca262ca4356da67f392255c92e3c3e206f87e8087772f1
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dd92c9eb905e844e935622f42bd7a1ee2108c1b2ce9232f5cdbf43471cb9ebe3
e342720597871d0226850d05f61155a602583438528d2fd28271d545894aec40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5133f0bf9d96b98a7d5aa146b04d5a2187367bfc6c5f5fa09efd79d9fce102e
e56c1a0b5e9926d2fe31abdadf5bcef539f1028e4607991dc6c24a476b876072
e5e900c59392cee09c388cd84bf524187ff929e36f340ae30b6d09c0489273ea
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e752c35a5d4873d773733446d59d10e0937ef3866ed9873fde525756de7c695f
eaf8c7d889d6fe5334fe63a481c41f27eb031df9fa5530966d8e7cae770544cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19550e13ed2b6c080a8e685d37a6583c941410b57e45915d5f03d3c504759ad
f97c638783bbeba868fb9797a06732162ba7a5e1cff4170b71268eabe8b51639