Submitted URL: http://myplans.foresters.co.uk/
Effective URL: https://myplans.foresters.co.uk/
Submission: On March 27 via api from US — Scanned from GB

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 89.206.215.143, located in Manchester, United Kingdom and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is myplans.foresters.co.uk.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 22nd 2023. Valid for: a year.
This is the only time myplans.foresters.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 89.206.215.143 8426 (CLARANET-...)
4 13.225.78.26 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.170.169.58 39849 (PTX-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 80.168.100.142 8426 (CLARANET-...)
1 52.222.236.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
19 9
Apex Domain
Subdomains
Transfer
8 foresters.co.uk
myplans.foresters.co.uk
myplans-be.foresters.co.uk
1023 KB
5 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3129
consent-pref.trustarc.com — Cisco Umbrella Rank: 15732
35 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 gstatic.com
www.gstatic.com
199 KB
1 sagepay.com
pi-live.sagepay.com — Cisco Umbrella Rank: 359483
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
69 KB
19 6
Domain Requested by
6 myplans.foresters.co.uk myplans.foresters.co.uk
4 consent.trustarc.com myplans.foresters.co.uk
consent.trustarc.com
2 myplans-be.foresters.co.uk myplans.foresters.co.uk
2 www.google.com myplans.foresters.co.uk
www.gstatic.com
1 www.gstatic.com www.google.com
1 consent-pref.trustarc.com consent.trustarc.com
1 pi-live.sagepay.com myplans.foresters.co.uk
1 www.googletagmanager.com myplans.foresters.co.uk
19 8

This site contains links to these domains. Also see Links.

Domain
www.foresters.com
Subject Issuer Validity Valid
*.foresters.co.uk
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-22 -
2024-05-04
a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02
2024-03-16 -
2025-04-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
live.sagepay.com
Entrust Certification Authority - L1K
2023-06-09 -
2024-06-23
a year crt.sh
www.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 3 frames:

Primary Page: https://myplans.foresters.co.uk/
Frame ID: 3C3C3A646878A9AEB76CDA7D0F597188
Requests: 17 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=foresters_slider&site=foresters.com&country=gb&action=notice&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=75c7b4c2-25a7-462a-b60b-2c7ad9bb9fc9&userType=NEW
Frame ID: C5F519661B71284A5AFD0703E32623B1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxffklAAAAAFrCXeV8TVuTYUeJanSrbOckxv8b&co=aHR0cHM6Ly9teXBsYW5zLmZvcmVzdGVycy5jby51azo0NDM.&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=ds0x4vqfc3do
Frame ID: 2FA3AF2C26D05AA6634C585163CAC976
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

MyPlans | Foresters Financial

Page URL History Show full URLs

  1. http://myplans.foresters.co.uk/ HTTP 307
    https://myplans.foresters.co.uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

95 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

9
IPs

4
Countries

1366 kB
Transfer

4251 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myplans.foresters.co.uk/ HTTP 307
    https://myplans.foresters.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
myplans.foresters.co.uk/
Redirect Chain
  • http://myplans.foresters.co.uk/
  • https://myplans.foresters.co.uk/
1 KB
1 KB
Document
General
Full URL
https://myplans.foresters.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.206.215.143 Manchester, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
MyPlans.foresters.co.uk
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a553b8c8f3e9dcad8f0b8a139f748fc095a4b641ff97d6ae6ee52cb219376471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
964
Content-Type
text/html
Date
Wed, 27 Mar 2024 23:42:27 GMT
ETag
"0d36fb7d67ada1:0"
Last-Modified
Wed, 20 Mar 2024 14:55:58 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Location
https://myplans.foresters.co.uk/
Non-Authoritative-Reason
HttpsUpgrades
notice
consent.trustarc.com/
14 KB
6 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=foresters.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
cd3be873c413a6482658e73685c6602a4969b4284d008bc9920cf075d5b90a4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
Origin
https://myplans.foresters.co.uk
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:02:22 GMT
content-encoding
gzip
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
2406
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
content-length
5496
x-amz-cf-id
hRoBDcPrGcDsqIUd096KUBDTzXt4kqJDiGxs4FSDyZ4K3mTgNNPTJA==
main.ef132a64.js
myplans.foresters.co.uk/static/js/
3 MB
912 KB
Script
General
Full URL
https://myplans.foresters.co.uk/static/js/main.ef132a64.js
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.206.215.143 Manchester, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
MyPlans.foresters.co.uk
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0dcf322a3866b76ac0304b4d38952bf52237adcb86dc3819ed521c96436f61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Date
Wed, 27 Mar 2024 23:42:27 GMT
Last-Modified
Wed, 20 Mar 2024 14:55:58 GMT
Server
Microsoft-IIS/10.0
ETag
"0d36fb7d67ada1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
933002
main.a63c4916.css
myplans.foresters.co.uk/static/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://myplans.foresters.co.uk/static/css/main.a63c4916.css
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.206.215.143 Manchester, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
MyPlans.foresters.co.uk
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf5b809475e91767cfa1fb1902c842a9c87a7012a7e78a1c9c0380a8812f1988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Date
Wed, 27 Mar 2024 23:42:27 GMT
Last-Modified
Wed, 20 Mar 2024 14:55:58 GMT
Server
Microsoft-IIS/10.0
ETag
"0d36fb7d67ada1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
6147
gtm.js
www.googletagmanager.com/
189 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXJKZXS
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e67f074439a8781bb51697ee8efc778c034a5727d0812b5561870282afa22b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:42:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69831
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 23:05:30 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Mar 2024 23:42:28 GMT
v1.7-3185
consent.trustarc.com/asset/notice.js/v/
92 KB
27 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-3185
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=foresters.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
Origin
https://myplans.foresters.co.uk
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 27 Mar 2024 23:10:07 GMT
content-encoding
gzip
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Mar 2024 02:16:13 GMT
x-amz-cf-pop
FRA2-C2
age
1941
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
RVqpMyXeQ_1q76MXfWfrNEvWTUxjcsyA_AxPFHeQgQoVm8qwo2mO6A==
log
consent.trustarc.com/
43 B
1 KB
Image
General
Full URL
https://consent.trustarc.com/log?domain=foresters.com&country=gb&state=&behavior=expressed&session=75c7b4c2-25a7-462a-b60b-2c7ad9bb9fc9&userType=NEW&c=f03f&referer=https://myplans.foresters.co.uk
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:42:28 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
OqRrN73D0QAOdXb-J_8xaIliNHPt-J9mo_SPWYJAAMH0oj2C-4rjgw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
sagepay.js
pi-live.sagepay.com/api/v1/js/
119 KB
39 KB
Script
General
Full URL
https://pi-live.sagepay.com/api/v1/js/sagepay.js
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/static/js/main.ef132a64.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.170.169.58 , Ireland, ASN39849 (PTX-AS, IE),
Reverse DNS
Software
/
Resource Hash
21710b046163500f4bb8ecd254d2b636a5d8c2ed7002ae4574201e68101ae57e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:42:28 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-b3-traceid
0efa729bd2cbc2b30194cc11eee97443
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
x-transaction-id
NA
x-envoy-upstream-service-time
41
Connection
keep-alive
c6c56894-7673-4def-a459-505f5f0ef484
https://myplans.foresters.co.uk/
2 KB
0
Other
General
Full URL
blob:https://myplans.foresters.co.uk/c6c56894-7673-4def-a459-505f5f0ef484
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06204e852b1458d22dad19f8e06197a5e6f1efad0a5e3edb2cd8575b88d87db0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1696
Content-Type
application/javascript
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdxffklAAAAAFrCXeV8TVuTYUeJanSrbOckxv8b
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/static/js/main.ef132a64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3fd21594d533f79e092a1b10b31def9b56b0691b9c45662b3854d7a3add0640
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:42:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 27 Mar 2024 23:42:28 GMT
foresters-logo.5773170db4fbe33c8381.png
myplans.foresters.co.uk/static/media/
28 KB
28 KB
Image
General
Full URL
https://myplans.foresters.co.uk/static/media/foresters-logo.5773170db4fbe33c8381.png
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.206.215.143 Manchester, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
MyPlans.foresters.co.uk
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
78262fb221561ccea70b548b403e154956cbf3424ccbe2ae3891ca267397906e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 27 Mar 2024 23:42:27 GMT
Last-Modified
Wed, 20 Mar 2024 14:55:58 GMT
Server
Microsoft-IIS/10.0
ETag
"0d36fb7d67ada1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28669
getenvironmentsetting
myplans-be.foresters.co.uk/api/Portal/ Frame
0
0
Preflight
General
Full URL
https://myplans-be.foresters.co.uk/api/Portal/getenvironmentsetting
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
80.168.100.142 Bristol, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://myplans.foresters.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://myplans.foresters.co.uk
Cache-Control
no-cache
Date
Wed, 27 Mar 2024 23:42:28 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
ASP.NET
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9db8b31648ea9737e75cf41ac4069fd88cadc0c4c4322c7d2dd7589f57e0d4b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
getenvironmentsetting
myplans-be.foresters.co.uk/api/Portal/
11 KB
12 KB
XHR
General
Full URL
https://myplans-be.foresters.co.uk/api/Portal/getenvironmentsetting
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/static/js/main.ef132a64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
80.168.100.142 Bristol, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1e67522280716cf620f1c4970b9d2234b387c7deba6ea4d34f08df0a506893e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://myplans.foresters.co.uk/
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 27 Mar 2024 23:42:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://myplans.foresters.co.uk
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
MuseoSans.34274fbfb2f270b8d53b.bin
myplans.foresters.co.uk/static/media/
61 KB
62 KB
Font
General
Full URL
https://myplans.foresters.co.uk/static/media/MuseoSans.34274fbfb2f270b8d53b.bin
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/static/css/main.a63c4916.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.206.215.143 Manchester, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
MyPlans.foresters.co.uk
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/static/css/main.a63c4916.css
Origin
https://myplans.foresters.co.uk
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 27 Mar 2024 23:42:27 GMT
Last-Modified
Wed, 20 Mar 2024 14:55:58 GMT
Server
Microsoft-IIS/10.0
ETag
"0d36fb7d67ada1:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
62924
/
consent-pref.trustarc.com/ Frame C5F5
0
0
Document
General
Full URL
https://consent-pref.trustarc.com/?type=foresters_slider&site=foresters.com&country=gb&action=notice&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=75c7b4c2-25a7-462a-b60b-2c7ad9bb9fc9&userType=NEW
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-3185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://myplans.foresters.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
5111
content-type
text/html
date
Wed, 27 Mar 2024 23:42:28 GMT
expect-ct
max-age=86400; enforce;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-id
kWt0DT9QzDwNW9R5sKYvsxWPa6Q_0SaoQEPOCChLYFH_hpMtLZ8yeQ==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
noticemsg
consent.trustarc.com/
43 B
1 KB
Image
General
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=foresters.com&behavior=expressed&country=gb&language=en&rand=0.4414010572541185&session=75c7b4c2-25a7-462a-b60b-2c7ad9bb9fc9&userType=NEW&referer=https://myplans.foresters.co.uk
Requested by
Host: myplans.foresters.co.uk
URL: https://myplans.foresters.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:42:28 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
8w07jjpvtRCZUck316OYaZCRIlB0He5AzmpvJeznrmdZoxpEcUtAOA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/
499 KB
199 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdxffklAAAAAFrCXeV8TVuTYUeJanSrbOckxv8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
Origin
https://myplans.foresters.co.uk
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 22:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203410
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 04:00:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Mar 2025 22:57:14 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2FA3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxffklAAAAAFrCXeV8TVuTYUeJanSrbOckxv8b&co=aHR0cHM6Ly9teXBsYW5zLmZvcmVzdGVycy5jby51azo0NDM.&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=ds0x4vqfc3do
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9IKwZyAK2CvGLZpHmGsOZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myplans.foresters.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9IKwZyAK2CvGLZpHmGsOZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 23:42:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
faviconMyPlan.ico
myplans.foresters.co.uk/
1 KB
1 KB
Other
General
Full URL
https://myplans.foresters.co.uk/faviconMyPlan.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.206.215.143 Manchester, United Kingdom, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
MyPlans.foresters.co.uk
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b8110f9fba9a2e26485c3349f9cf2118dc70bb82444a2fd8c6f9d63d77ce4d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://myplans.foresters.co.uk/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 27 Mar 2024 23:42:29 GMT
Last-Modified
Wed, 20 Mar 2024 14:53:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0f4d53d67ada1:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
1150

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onpagereveal object| dataLayer function| _truste_eumap object| truste string| userType number| $temp_outerdiv object| $temp_style_outerdiv string| __reactRouterVersion function| _ function| onRecaptchaLoadCallback function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| google_tag_manager object| google_tag_data object| __dispatched__ undefined| __i__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| SagePayConfig undefined| $ function| jQuery object| Sagepay object| HostedPage function| sagepayCheckout function| sagepayDropin function| sagepayOwnForm object| recaptcha object| closure_lm_776563

5 Cookies

Domain/Path Name / Value
.myplans.foresters.co.uk/ Name: TAsessionID
Value: 75c7b4c2-25a7-462a-b60b-2c7ad9bb9fc9|NEW
.myplans.foresters.co.uk/ Name: notice_behavior
Value: expressed,eu
pi-live.sagepay.com/ Name: AWSALBCORS
Value: S8X6OY8v/O/moK/QgyE0k8sUEvzkkmHPCTtjqZktJgnXZ+wYXcPmEiM45FtIIMwXaIjRW+Ta1/kLmbNU6jVjWUuGdXMZ/lnf51tErLGWd5P/E9uvEFucSPzYn6zo
myplans-be.foresters.co.uk/ Name: SessionId
Value: 5e2f4c7f-88c0-4aba-b6b0-955f6b3b27e1
myplans-be.foresters.co.uk/ Name: CurrentSessionId
Value: 5e2f4c7f-88c0-4aba-b6b0-955f6b3b27e1

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://myplans.foresters.co.uk/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://myplans.foresters.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent-pref.trustarc.com
consent.trustarc.com
myplans-be.foresters.co.uk
myplans.foresters.co.uk
pi-live.sagepay.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.225.78.26
195.170.169.58
2a00:1450:4001:811::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
52.222.236.93
80.168.100.142
89.206.215.143
06204e852b1458d22dad19f8e06197a5e6f1efad0a5e3edb2cd8575b88d87db0
1e67522280716cf620f1c4970b9d2234b387c7deba6ea4d34f08df0a506893e1
21710b046163500f4bb8ecd254d2b636a5d8c2ed7002ae4574201e68101ae57e
6b8110f9fba9a2e26485c3349f9cf2118dc70bb82444a2fd8c6f9d63d77ce4d4
6e67f074439a8781bb51697ee8efc778c034a5727d0812b5561870282afa22b6
78262fb221561ccea70b548b403e154956cbf3424ccbe2ae3891ca267397906e
7904d8846e66f0c538335e696b4e06fe1d1d10f8856e275316d409efda45ead9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a553b8c8f3e9dcad8f0b8a139f748fc095a4b641ff97d6ae6ee52cb219376471
b9db8b31648ea9737e75cf41ac4069fd88cadc0c4c4322c7d2dd7589f57e0d4b
bf5b809475e91767cfa1fb1902c842a9c87a7012a7e78a1c9c0380a8812f1988
cd3be873c413a6482658e73685c6602a4969b4284d008bc9920cf075d5b90a4d
d3fd21594d533f79e092a1b10b31def9b56b0691b9c45662b3854d7a3add0640
e0dcf322a3866b76ac0304b4d38952bf52237adcb86dc3819ed521c96436f61b
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801