urlscan.io logo urlscan.io
SecurityTrails logo

wwwec7.manulife.com Open in urlscan Pro
23.217.33.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wwwec7.manulife.com/signin/en#benefits
Effective URL: https://wwwec7.manulife.com/signin/en
Submission: On December 29 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 21 domains to perform 42 HTTP transactions. The main IP is 23.217.33.182, located in New York, United States and belongs to AKAMAI-AS, US. The main domain is wwwec7.manulife.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 28th 2021. Valid for: a year.
This is the only time wwwec7.manulife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 23.217.33.182 16625 (AKAMAI-AS)
3 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
8 52.88.252.250 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
1 52.33.81.96 16509 (AMAZON-02)
1 1 52.23.74.168 14618 (AMAZON-AES)
1 52.10.149.115 16509 (AMAZON-02)
2 3 68.67.160.132 29990 (ASN-APPNEX)
2 3 142.250.80.34 15169 (GOOGLE)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 173.231.184.20 29791 (VOXEL-DOT...)
2 2 52.85.61.100 16509 (AMAZON-02)
2 2 54.80.152.36 14618 (AMAZON-AES)
7 7 151.101.66.49 54113 (FASTLY)
1 8.39.36.142 26667 (RUBICONPR...)
1 2 23.52.162.21 16625 (AKAMAI-AS)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 2 192.35.249.127 11742 (SPOTX-IAD)
1 2a03:2880:f11... 32934 (FACEBOOK)
42 17
17    23.217.33.182 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-33-182.deploy.static.akamaitechnologies.com
wwwec7.manulife.com
3    2600:1400:d:5a5::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    52.88.252.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-252-250.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    52.33.81.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-81-96.us-west-2.compute.amazonaws.com
manulife.demdex.net
1    52.23.74.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-74-168.compute-1.amazonaws.com
cm.everesttech.net
1    52.10.149.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-149-115.us-west-2.compute.amazonaws.com
manugbpm.112.2o7.net
3    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    173.231.184.20 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
2    52.85.61.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-100.ewr53.r.cloudfront.net
ads.scorecardresearch.com
2    54.80.152.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-152-36.compute-1.amazonaws.com
sync.crwdcntrl.net
7    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
17 wwwec7.manulife.com wwwec7.manulife.com
8 dpm.demdex.net wwwec7.manulife.com
7 sync-tm.everesttech.net 7 redirects
3 cm.g.doubleclick.net 2 redirects
3 ib.adnxs.com 2 redirects
3 assets.adobedtm.com wwwec7.manulife.com
assets.adobedtm.com
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 ads.scorecardresearch.com 2 redirects
2 cm.adgrx.com 2 redirects
1 www.facebook.com
1 image2.pubmatic.com
1 pixel.rubiconproject.com
1 c.bing.com 1 redirects
1 manugbpm.112.2o7.net
1 cm.everesttech.net 1 redirects
1 manulife.demdex.net assets.adobedtm.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com wwwec7.manulife.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com wwwec7.manulife.com
0 us-u.openx.net Failed
42 23

This site contains links to these domains. Also see Links.

Domain
www.manulife.ca
itunes.apple.com
play.google.com
www.manulife.com
Subject Issuer Validity Valid
manulife.com
Sectigo RSA Organization Validation Secure Server CA		 2021-04-28 -
2022-04-28		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.112.2o7.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-14 -
2022-04-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://wwwec7.manulife.com/signin/en
Frame ID: 847EAEF4DAEAE0C482B9D408C150A77A
Requests: 27 HTTP requests in this frame

Frame: https://manulife.demdex.net/dest5.html?d_nsid=0
Frame ID: AE0C455884AFF9D92C412B07B9DA2424
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | Manulife

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

64 %
HTTPS

23 %
IPv6

21
Domains

23
Subdomains

17
IPs

1
Countries

1038 kB
Transfer

1405 kB
Size

34
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://cm.everesttech.net/cm/dd?d_uuid=63785178160369704250449759675483421653 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcxphQAAAJEGggRA
Request Chain 27
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6357643879111143344
Request Chain 28
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjM3ODUxNzgxNjAzNjk3MDQyNTA0NDk3NTk2NzU0ODM0MjE2NTM= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjM3ODUxNzgxNjAzNjk3MDQyNTA0NDk3NTk2NzU0ODM0MjE2NTM=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMAR8c2XfzmYk9vPZVhBCqk&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 29
  • https://c.bing.com/c.gif?uid=63785178160369704250449759675483421653&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=03BF7EB08A876F53230B6FAC8B516ECF
Request Chain 30
  • https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=adobe_aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=58342&dpuuid=6739938e-68af-11ec-943f-2ee2bb6cbf8f
Request Chain 31
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=63785178160369704250449759675483421653&rn=1640786309322&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D63785178160369704250449759675483421653 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=63785178160369704250449759675483421653&rn=1640786309322&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D63785178160369704250449759675483421653 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=63785178160369704250449759675483421653
Request Chain 32
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63785178160369704250449759675483421653?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=63785178160369704250449759675483421653?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=37a017ac9727a1a15db91de591fd1b5e
Request Chain 33
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWN4cGhRQUFBSkVHZ2dSQQ==
Request Chain 34
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcxphQAAAJEGggRA&expires=90
Request Chain 35
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcxphQAAAJEGggRA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcxphQAAAJEGggRA&C=1
Request Chain 36
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YcxphQAAAJEGggRA
Request Chain 37
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcxphQAAAJEGggRA
Request Chain 38
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcxphQAAAJEGggRA
Request Chain 39
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcxphQAAAJEGggRA&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcxphQAAAJEGggRA&img=1&__user_check__=1&sync_id=67cca204-68af-11ec-ad0e-17f3de0b0103
Request Chain 40
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcxphQAAAJEGggRA&t=2592000&o=0

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en
wwwec7.manulife.com/signin/ 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2fe90e0dc515b5fdceeb387033e95501e03243ce995a533eb3ba6fa1ec359c9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Server
X-Frame-Options
SAMEORIGIN
X-AspNet-Version
X-Powered-By
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 29 Dec 2021 13:58:28 GMT
Content-Length
15586
Connection
keep-alive
bundle
wwwec7.manulife.com/signin/Content/css/ 		162 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/Content/css/bundle?v=4_egE6CEaP0x2J0KiJtMUHezIBh0TF6uYRleiGbnGnQ1
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
7a9a055b2844df8481c42e2d651f78a75b514258cfde7523e017e1cee2f35f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 13:58:28 GMT
Server
X-AspNet-Version
X-Powered-By
,
Vary
User-Agent, Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Content-Length
30304
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Dec 2022 13:58:28 GMT
mli_bundle
wwwec7.manulife.com/signin/Content/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
f3f2546c64513949ccf602aaaca6de58f8f85429be066f51a7a31c4c8a8c5273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 13:58:28 GMT
Server
X-AspNet-Version
X-Powered-By
,
Vary
User-Agent, Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Content-Length
5164
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Dec 2022 13:58:28 GMT
jquery
wwwec7.manulife.com/signin/bundles/ 		647 KB
648 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/bundles/jquery?v=sj3bhvcHpQgDz_SPdGR4s__2nvZEg-kPkbBuMPD85-c1
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
4583e414e166e20a9742e61218b97b9de8fa3b585ddf5d2774eb45692533be3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 13:58:28 GMT
Server
X-AspNet-Version
X-Powered-By
,
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Content-Length
662741
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Dec 2022 13:58:28 GMT
GBRS
wwwec7.manulife.com/signin/bundles/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/bundles/GBRS?v=H59-Mq0lvYBb-ThlOGtJaDawpP5K-5H1dxHfCF5lblk1
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
514dc13226aa277cf522a417183043ba31c4796be271a71a063b46dead113a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 13:58:28 GMT
Server
X-AspNet-Version
X-Powered-By
,
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Content-Length
14361
X-XSS-Protection
1; mode=block
Expires
Thu, 29 Dec 2022 13:58:28 GMT
launch-EN38d78358430d41b79487b8d6fe305681.min.js
assets.adobedtm.com/b84dbf01908c/779ef5fcf907/ 		213 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b84dbf01908c/779ef5fcf907/launch-EN38d78358430d41b79487b8d6fe305681.min.js
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
01f932f82062b01456a6912ffe08b2bd752948c4951a8a406aa0a028b06783a3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 13:58:28 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 18:20:06 GMT
server
AkamaiNetStorage
etag
"4f53a021fa19c2d27b38944cdacae9cc:1638555606.186053"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wwwec7.manulife.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
63354
expires
Wed, 29 Dec 2021 14:58:28 GMT
logo_en.gif
wwwec7.manulife.com/signin/Content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/logo_en.gif
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
6baf0e78ff0d3f671dcaf80a50f4afb33895938a59a3918cafcd51a47f53f699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/gif
Cache-Control
max-age=584
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2625
X-XSS-Protection
1; mode=block
appstore-en.png
wwwec7.manulife.com/signin/Content/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/appstore-en.png
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
95997f3e9beaa3ad35e26fe54db7c14df905a725fa2b83d9d7587e1d75fdbbda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/png
Cache-Control
max-age=833
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23840
X-XSS-Protection
1; mode=block
googleplay-en.png
wwwec7.manulife.com/signin/Content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/googleplay-en.png
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
b43418c576332163583f9ab6885b6cb7e9148d8e4bc0f3a32c1f292189d6781b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/png
Cache-Control
max-age=1596
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11336
X-XSS-Protection
1; mode=block
modal-close-button.svg
wwwec7.manulife.com/signin/Content/images/ 		641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/modal-close-button.svg
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
8407414be44fe7463ef126e8f4292fd0e74b4fa4948a554e297a917ad5699bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 04 Nov 2021 17:53:32 GMT
Server
X-Powered-By
,
ETag
"0f691e1a4d1d71:0"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
641
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
423218df078af4e98bf4e548cb0b155c6301475dadb00e7baec851cde01a05e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 12:35:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Dec 2021 13:58:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Dec 2021 13:58:28 GMT
selector@2x.png
wwwec7.manulife.com/signin/Content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/selector@2x.png
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
0dfe413916118d0f039632361164ec7c853a19bbc0d47a1805e8cc8249124fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/png
Cache-Control
max-age=953
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2968
X-XSS-Protection
1; mode=block
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wwwec7.manulife.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 22:58:42 GMT
x-content-type-options
nosniff
age
140386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Dec 2022 22:58:42 GMT
external-link-primary.svg
wwwec7.manulife.com/signin/Content/images/ 		193 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/external-link-primary.svg
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
7f147a93638e3160eda64bbd15bc99091bb453be323ea7bd2e747188aa882814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193
X-XSS-Protection
1; mode=block
grid-loader.svg
wwwec7.manulife.com/signin/Content/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/grid-loader.svg
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
5a21f55f1e066f26e14761b97c76f03c788c27cea8c66971f248112f9828e2ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2304
X-XSS-Protection
1; mode=block
external-link-white.svg
wwwec7.manulife.com/signin/Content/images/ 		190 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/external-link-white.svg
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
23665c7cf8978adf6f8bfa46ac85c8741e26477f2c6e085ee2e16ce831d6d9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/Content/css/mli_bundle?v=4jvlfXFxVcqxJ90L9GIE_bxxBqyz42A2eS3laThUKx01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
190
X-XSS-Protection
1; mode=block
fontello.woff
wwwec7.manulife.com/signin/Content/fonts/fontello/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/Content/fonts/fontello/fontello.woff
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/Content/css/bundle?v=4_egE6CEaP0x2J0KiJtMUHezIBh0TF6uYRleiGbnGnQ1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
f48c5f8deeb0331479bca66500a0a4e8ae2bf45cee2dbad0614629a5292b9010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wwwec7.manulife.com/signin/Content/css/bundle?v=4_egE6CEaP0x2J0KiJtMUHezIBh0TF6uYRleiGbnGnQ1
Origin
https://wwwec7.manulife.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
font/x-woff
Cache-Control
max-age=1069
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80832
X-XSS-Protection
1; mode=block
getmarketingtile
wwwec7.manulife.com/signin/en/ 		357 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/en/getmarketingtile
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
245ac322236caaa8fb4591a6b49f48b77c26d7c01c7c154e3984cb90f31b37a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
VQEEVlFTDRACVFJaBgkCXlA=
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer
https://wwwec7.manulife.com/signin/en

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 12:59:45 GMT
Server
X-AspNet-Version
X-Powered-By
,
Vary
*
Content-Type
application/json; charset=utf-8
X-NewRelic-App-Data
PxQGVlVUDwMFR1NSBAkGXlEJAhFORDQHUjZKA1ZLVVFHDFYPHjRBC0tFXgYIClYcVQpOBVJFWgcWWlNHCwgEFlkOXUAUCBoCA1QJUQFWH1JKBgdRUFMPCxxJUE4VAQdfXQYAVgZXUlEJUQ9RXhoYVFIJSgRs
Cache-Control
public, max-age=76
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Content-Length
357
X-XSS-Protection
1; mode=block
Expires
Wed, 29 Dec 2021 13:59:45 GMT
getfaq
wwwec7.manulife.com/signin/en/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wwwec7.manulife.com/signin/en/getfaq
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
bc9fe04cf8703c69bcaad17513a6acb156a99b5533b255ae79339e36d5af224e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
VQEEVlFTDRACVFJaBgkCXlA=
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer
https://wwwec7.manulife.com/signin/en

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 12:59:45 GMT
Server
X-AspNet-Version
X-Powered-By
,
Vary
*
Content-Type
application/json; charset=utf-8
X-NewRelic-App-Data
PxQGVlVUDwMFR1NSBAkGXlEJAhFORDQHUjZKA1ZLVVFHDFYPHjRBC0tFXgYIClYcVQpOBVJFUQcVExoDTFZPUh5SCFINCwALH0gITRMEVQdUA1ZUAlReVVZRVAQEExsABV1FVj8=
Cache-Control
public, max-age=76
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Content-Length
5371
X-XSS-Protection
1; mode=block
Expires
Wed, 29 Dec 2021 13:59:45 GMT
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=37B127E253DB11F10A490D4E%40AdobeOrg&d_nsid=0&ts=1640786308938
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0451814eca8e87a45acbaa7d79c175d10c8f69d09740cc74be1f916962c7400e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wwwec7.manulife.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v023-033636d5f.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
QrH6/wHTQXM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://wwwec7.manulife.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1255
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/779ef5fcf907/launch-EN38d78358430d41b79487b8d6fe305681.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 13:58:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wwwec7.manulife.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Wed, 29 Dec 2021 14:58:28 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/779ef5fcf907/launch-EN38d78358430d41b79487b8d6fe305681.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 13:58:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wwwec7.manulife.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Wed, 29 Dec 2021 14:58:28 GMT
Manulife%20ID%20GB%20Member%20banner_MP%201602251_E_1021_620x480-min.jpg
wwwec7.manulife.com/signin/Content/images/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwec7.manulife.com/signin/Content/images/Manulife%20ID%20GB%20Member%20banner_MP%201602251_E_1021_620x480-min.jpg
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.33.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-33-182.deploy.static.akamaitechnologies.com
Software
/ ,
Resource Hash
079989f99f25d83b52b13f21e65f380a177ea50a93d28261096462b3289a495d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/signin/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Oct 2021 17:32:56 GMT
Server
X-Powered-By
,
ETag
"0548dad58cbd71:0"
Content-Type
image/jpeg
Cache-Control
max-age=1578
Date
Wed, 29 Dec 2021 13:58:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38360
X-XSS-Protection
1; mode=block
nr-1212.min.js
js-agent.newrelic.com/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1212.min.js
Requested by
Host: wwwec7.manulife.com
URL: https://wwwec7.manulife.com/signin/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding
gzip
etag
"9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id
JFXHP4JMP2JXQF8D
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12828
x-amz-id-2
7xuK/rXf81qTphcQiXAlcxAgFlOeXwx7At7JdSKBtTGOve4DeHnMqZOr3CXSX9gUpe2NrJPZMP0=
x-served-by
cache-yul12822-YUL
last-modified
Thu, 04 Nov 2021 21:16:16 GMT
server
AmazonS3
x-timer
S1640786309.042721,VS0,VE0
date
Wed, 29 Dec 2021 13:58:29 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6910
af9b922721
bam-cell.nr-data.net/1/ 		49 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/af9b922721?a=203818584&v=1212.e95d35c&to=NlRXNxZZWBVQVRAPDA8eeDUnF34JXFMnCQ0VQ1oPCF1ESX1ZAw8N&rst=725&ck=0&ref=https://wwwec7.manulife.com/signin/en&ap=36&be=229&fe=663&dc=499&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1640786308335,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:38,%22c%22:38,%22s%22:50,%22ce%22:91,%22rq%22:91,%22rp%22:204,%22rpe%22:205,%22dl%22:207,%22di%22:444,%22ds%22:498,%22de%22:498,%22dc%22:662,%22l%22:662,%22le%22:665%7D,%22navigation%22:%7B%7D%7D&fp=446&fcp=446&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 13:58:29 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6c538b200c0bca4f-YUL
dest5.html
manulife.demdex.net/ Frame AE0C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://manulife.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/779ef5fcf907/launch-EN38d78358430d41b79487b8d6fe305681.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.81.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-81-96.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 29 Dec 2021 13:58:29 GMT
DCS
dcs-prod-usw2-2-v023-0cc78f1ee.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Dec 2021 14:27:36 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
vk8Sq2mRSzY=
Content-Length
2791
Connection
keep-alive
ibs:dpid=411&dpuuid=YcxphQAAAJEGggRA
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=63785178160369704250449759675483421653
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcxphQAAAJEGggRA
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcxphQAAAJEGggRA
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v023-064a9203c.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
w5Dmd3Y7TVE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YcxphQAAAJEGggRA
Date
Wed, 29 Dec 2021 13:58:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s42402361045120
manugbpm.112.2o7.net/b/ss/manugbpm/1/JS-2.22.0-LBWB/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manugbpm.112.2o7.net/b/ss/manugbpm/1/JS-2.22.0-LBWB/s42402361045120?AQB=1&ndh=1&pf=1&t=29%2F11%2F2021%2013%3A58%3A29%203%200&mid=63807259070038252570447041937174816773&aamlh=9&ce=UTF-8&pageName=gb%3Apm%3Asignin%3Aen&g=https%3A%2F%2Fwwwec7.manulife.com%2Fsignin%2Fen%23benefits&cc=CAD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=EN&c8=%2Fsignin%2Fen&v8=EN&v10=https%3A%2F%2Fwwwec7.manulife.com%2Fsignin%2Fen%23benefits&c19=gb%3Apm%3Asignin%3Aen&v33=%2Fsignin%2Fen&c47=wwwec7.manulife.com&v52=gb%3Apm%3Asignin%3Aen&v54=wwwec7.manulife.com&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=37B127E253DB11F10A490D4E%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.10.149.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-149-115.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://wwwec7.manulife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 13:58:29 GMT
x-content-type-options
nosniff
x-c
main-1548.I52ef9e.M0-537
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 30 Dec 2021 13:58:29 GMT
server
jag
xserver
anedge-6599d7bf74-dmdrx
etag
3523561770419388416-4619401333472556910
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 28 Dec 2021 13:58:29 GMT
ibs:dpid=358&dpuuid=6357643879111143344
dpm.demdex.net/ Frame AE0C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6357643879111143344
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6357643879111143344
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-0b31cdea7.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fXnR+hydTSQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 13:58:29 GMT
X-Proxy-Origin
37.120.205.156; 37.120.205.156; 674.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
08cd9455-62f6-4e1a-81f2-9a2a28e578fb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6357643879111143344
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=771&dpuuid=CAESEMAR8c2XfzmYk9vPZVhBCqk&google_cver=1
dpm.demdex.net/ Frame AE0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjM3ODUxNzgxNjAzNjk3MDQyNTA0NDk3NTk2NzU0ODM0MjE2NTM=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjM3ODUxNzgxNjAzNjk3MDQyNTA0NDk3NTk2NzU0ODM0MjE2NTM=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMAR8c2XfzmYk9vPZVhBCqk&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMAR8c2XfzmYk9vPZVhBCqk&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v023-05f7804f5.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UxqpgPMERj4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMAR8c2XfzmYk9vPZVhBCqk&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=1957&dpuuid=03BF7EB08A876F53230B6FAC8B516ECF
dpm.demdex.net/ Frame AE0C
Redirect Chain
  • https://c.bing.com/c.gif?uid=63785178160369704250449759675483421653&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=03BF7EB08A876F53230B6FAC8B516ECF
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=03BF7EB08A876F53230B6FAC8B516ECF
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-0d08b76ea.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PYLHG/7EQe4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 93CE711034C3452B8833347D4A30273D Ref B: YMQ01EDGE0321 Ref C: 2021-12-29T13:58:30Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=03BF7EB08A876F53230B6FAC8B516ECF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=58342&dpuuid=6739938e-68af-11ec-943f-2ee2bb6cbf8f
dpm.demdex.net/ Frame AE0C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=adobe_aam
  • https://dpm.demdex.net/ibs:dpid=58342&dpuuid=6739938e-68af-11ec-943f-2ee2bb6cbf8f
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=58342&dpuuid=6739938e-68af-11ec-943f-2ee2bb6cbf8f
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-0f1944ca1.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BGha00ooSvQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 13:58:30 GMT
server
Cowboy
Location
https://dpm.demdex.net/ibs:dpid=58342&dpuuid=6739938e-68af-11ec-943f-2ee2bb6cbf8f
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-1
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
ibs:dpid=73426&dpuuid=63785178160369704250449759675483421653
dpm.demdex.net/ Frame AE0C
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=63785178160369704250449759675483421653&rn=1640786309322&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D637851781603697...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=63785178160369704250449759675483421653&rn=1640786309322&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D63785178160369...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=63785178160369704250449759675483421653
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=63785178160369704250449759675483421653
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-096f2826f.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
d+zmX17NT4A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Wed, 29 Dec 2021 13:58:30 GMT
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=63785178160369704250449759675483421653
content-length
105
x-amz-cf-id
BYtP4S-xm2DoWfJyXSZHUcJT9wFefdOgs2y-bMrMk84tcxN2S2oK2g==
ibs:dpid=121998&dpuuid=37a017ac9727a1a15db91de591fd1b5e
dpm.demdex.net/ Frame AE0C
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63785178160369704250449759675483421653?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=63785178160369704250449759675483421653?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=37a017ac9727a1a15db91de591fd1b5e
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=37a017ac9727a1a15db91de591fd1b5e
Protocol
HTTP/1.1
Server
52.88.252.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-252-250.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-08ee4858a.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bEVuzHhgS0U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=37a017ac9727a1a15db91de591fd1b5e
cache-control
no-cache
x-server
10.40.41.183
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWN4cGhRQUFBSkVHZ2dSQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWN4cGhRQUFBSkVHZ2dSQQ==
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640786310.475023,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWN4cGhRQUFBSkVHZ2dSQQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcxphQAAAJEGggRA&expires=90
42 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcxphQAAAJEGggRA&expires=90
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640786311.530360,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YcxphQAAAJEGggRA&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcxphQAAAJEGggRA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcxphQAAAJEGggRA&C=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcxphQAAAJEGggRA&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 13:58:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Dec 2021 13:58:30 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 13:58:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YcxphQAAAJEGggRA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Wed, 29 Dec 2021 13:58:30 GMT
setuid
ib.adnxs.com/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YcxphQAAAJEGggRA
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YcxphQAAAJEGggRA
Protocol
HTTP/1.1
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 13:58:30 GMT
X-Proxy-Origin
37.120.205.156; 37.120.205.156; 674.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0ecbfcda-d429-4845-be28-c52d81caec5b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640786311.733890,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YcxphQAAAJEGggRA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcxphQAAAJEGggRA
0
0
Pug
image2.pubmatic.com/AdServer/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcxphQAAAJEGggRA
1 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcxphQAAAJEGggRA
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 13:58:31 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug012:0:714
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640786311.936296,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcxphQAAAJEGggRA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcxphQAAAJEGggRA&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcxphQAAAJEGggRA&img=1&__user_check__=1&sync_id=67cca204-68af-11ec-ad0e-17f3de0b0103
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YcxphQAAAJEGggRA&img=1&__user_check__=1&sync_id=67cca204-68af-11ec-ad0e-17f3de0b0103
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 13:58:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
281
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 29 Dec 2021 13:58:31 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YcxphQAAAJEGggRA&img=1&__user_check__=1&sync_id=67cca204-68af-11ec-ad0e-17f3de0b0103
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
211
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame AE0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcxphQAAAJEGggRA&t=2592000&o=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcxphQAAAJEGggRA&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://manulife.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:58:31 PST
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
fOmUiPzc/u1AXqkBZsTyAjNZjka9S7FwrzRTGly55BqHdViItUyy2GLtUXwHYFrW/ov0JEDa1GvxgnfrRTPTjg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
expires
Wed, 29 Dec 2021 05:58:31 PST

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 13:58:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640786311.138340,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YcxphQAAAJEGggRA&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YcxphQAAAJEGggRA

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| NREUM object| newrelic function| __nr_require object| CWC_MLCA object| $cmnLoginFlag object| $cmnLoginLink string| locationHash string| loginType function| AdobeAnalyticsForRedirect function| UrlRedirect function| secondButtonRedirect function| firstButtonRedirect function| imgRedirect function| redirectToCIAM function| $ function| jQuery function| prompted function| loadElement function| loadElementByType function| loadElementWithCallback function| resizeMarketingTile function| hashChange function| changeTab function| showAlerts function| animateAlerts function| submitGB function| cbMarketingTile function| collapseTabPanel function| cbFaqAccordion function| onResize function| changeSlide function| closeSlide undefined| alertHeight boolean| _prompted boolean| _alertOpen boolean| _alertForceStop object| $refGBGroupInput object| $refGBCertInput object| $refGBPasswordInput object| $refGBSubmitButton object| $refGBForm object| $refGBRememberInput object| $refErrorDiv object| $refErrorDivText object| $h number| currentSlide undefined| slideFor undefined| numberSlides object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in number| _dataLayerOverwriteMonitor function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_i_manugbpm

34 Cookies

Domain/Path Name / Value
wwwec7.manulife.com/ Name: GBPMProdARRAffinity
Value: 497f70d616dc37ff2eeb3e5592dcac7abc692b211e1f16eb0ee7af03549d6619
wwwec7.manulife.com/ Name: ASP.NET_SessionId
Value: sh4440vbai3zjbxsuahwvvfe
wwwec7.manulife.com/ Name: __RequestVerificationToken_L3NpZ25pbg2
Value: EoCfRHaHRPHBgMr6VEYSG_QiDLWlhDFSac_DwxX4_GHDlhvG4t_r8YG5xIOT02tHMpXCINTIJjiXprszibPVGqY7cVwl1pOYfzwKpZc5R-M1
wwwec7.manulife.com/ Name: PreviousPageURL
Value: https://wwwec7.manulife.com/signin/en#benefits
.demdex.net/ Name: demdex
Value: 63785178160369704250449759675483421653
.manulife.com/ Name: AMCVS_37B127E253DB11F10A490D4E%40AdobeOrg
Value: 1
.manulife.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YcxphQAAAJEGggRA
.dpm.demdex.net/ Name: dpm
Value: 63785178160369704250449759675483421653
.manulife.com/ Name: AMCV_37B127E253DB11F10A490D4E%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18991%7CMCMID%7C63807259070038252570447041937174816773%7CMCAAMLH-1641391109%7C9%7CMCAAMB-1641391109%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1640793509s%7CNONE%7CMCSYNCSOP%7C411-18998%7CvVersion%7C5.0.1
.adnxs.com/ Name: uuid2
Value: 6357643879111143344
.doubleclick.net/ Name: IDE
Value: AHWqTUlflqkWPts-ozLwDL7_yOo323AQfbFijY9yG2HPj0M91XucSODvovo4sXciK4U
.bing.com/ Name: MUID
Value: 03BF7EB08A876F53230B6FAC8B516ECF
.c.bing.com/ Name: MR
Value: 0
.adgrx.com/ Name: ADGRX_UID
Value: 6739938e-68af-11ec-943f-2ee2bb6cbf8f
.adgrx.com/ Name: ADGRX_CM_ADOBE_AAM_BRIDGED
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1ADVXZWFLFWGX8SYUDBBUBg1640786310
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 37a017ac9727a1a15db91de591fd1b5e
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDZPNDA0T0y2NDcyTzRMNDRNSbI0TEk1tTRMSzFMMk1lAILEM5ltIBoKAFlbCyU%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIPJPZBqSgAAAaagId"
.casalemedia.com/ Name: CMID
Value: Ycxphtni4SsFXHqkpYo0qwAA
.casalemedia.com/ Name: CMPS
Value: 140
.casalemedia.com/ Name: CMPRO
Value: 1020
.casalemedia.com/ Name: CMST
Value: YcxphmHMaYYA
.casalemedia.com/ Name: CMRUM3
Value: 5861cc69862760YcxphQAAAJEGggRA
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2Hb9r0z(>!@wnfH)iR8PMp-v=0C#$Y-*b0iJ%DgjRL(^fENZyt$@oS%(2K:$doRL2xc>Hx7R)0LAm:o<QQyO3jzbc!!)U=*8Hpn
.rubiconproject.com/ Name: khaos
Value: KXRLT04Q-T-2NW6
.rubiconproject.com/ Name: audit
Value: 1|Nl3vHj5d7ztlQEr93OS9C7qzZvL4NNuUrHhuNDWymeOXzu0U2rFvUK/qvz1R+39Xp1WwTO9rNsdw0S94mtzOH8KpNY8iiICuy2N1KCI2/MrrtJorNHXfg/5vPdWW6sS4ab7TMec3cgctEmqSeSDxemm1SoXrMY+RsqlSNZOaaDQ=
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YcxphQAAAJEGggRA&KRTB&22978-YcxphQAAAJEGggRA&KRTB&23194-YcxphQAAAJEGggRA&KRTB&23209-YcxphQAAAJEGggRA
.pubmatic.com/ Name: PugT
Value: 1640786311
.pubmatic.com/ Name: PUBMDCID
Value: 2
.demdex.net/ Name: dextp
Value: 358-1-1640786309800|771-1-1640786309902|1957-1-1640786310018|58342-1-1640786310119|73426-1-1640786310221|121998-1-1640786310322|144230-1-1640786310423|144231-1-1640786310524|144232-1-1640786310626|144233-1-1640786310727|144234-1-1640786310829|144235-1-1640786310930|144236-1-1640786311031|144237-1-1640786311132
.spotxchange.com/ Name: audience
Value: 67cca1b8-68af-11ec-ad0e-17f3de0b0103

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.scorecardresearch.com
assets.adobedtm.com
bam-cell.nr-data.net
c.bing.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
js-agent.newrelic.com
manugbpm.112.2o7.net
manulife.demdex.net
pixel.rubiconproject.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
us-u.openx.net
www.facebook.com
wwwec7.manulife.com
us-u.openx.net
142.250.80.34
151.101.194.137
151.101.66.49
162.247.243.147
173.231.184.20
192.35.249.127
23.217.33.182
23.52.162.21
2600:1400:d:5a5::1e80
2607:f8b0:4006:81d::200a
2607:f8b0:4006:823::2003
2620:1ec:c11::200
2a03:2880:f112:182:face:b00c:0:25de
52.10.149.115
52.23.74.168
52.33.81.96
52.85.61.100
52.88.252.250
54.80.152.36
68.67.160.132
8.28.7.83
8.39.36.142
01f932f82062b01456a6912ffe08b2bd752948c4951a8a406aa0a028b06783a3
0451814eca8e87a45acbaa7d79c175d10c8f69d09740cc74be1f916962c7400e
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
079989f99f25d83b52b13f21e65f380a177ea50a93d28261096462b3289a495d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dfe413916118d0f039632361164ec7c853a19bbc0d47a1805e8cc8249124fa2
23665c7cf8978adf6f8bfa46ac85c8741e26477f2c6e085ee2e16ce831d6d9fb
245ac322236caaa8fb4591a6b49f48b77c26d7c01c7c154e3984cb90f31b37a3
2fe90e0dc515b5fdceeb387033e95501e03243ce995a533eb3ba6fa1ec359c9a
423218df078af4e98bf4e548cb0b155c6301475dadb00e7baec851cde01a05e5
4583e414e166e20a9742e61218b97b9de8fa3b585ddf5d2774eb45692533be3e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
514dc13226aa277cf522a417183043ba31c4796be271a71a063b46dead113a74
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a21f55f1e066f26e14761b97c76f03c788c27cea8c66971f248112f9828e2ac
6baf0e78ff0d3f671dcaf80a50f4afb33895938a59a3918cafcd51a47f53f699
7a9a055b2844df8481c42e2d651f78a75b514258cfde7523e017e1cee2f35f4e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f147a93638e3160eda64bbd15bc99091bb453be323ea7bd2e747188aa882814
8407414be44fe7463ef126e8f4292fd0e74b4fa4948a554e297a917ad5699bfa
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
95997f3e9beaa3ad35e26fe54db7c14df905a725fa2b83d9d7587e1d75fdbbda
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43418c576332163583f9ab6885b6cb7e9148d8e4bc0f3a32c1f292189d6781b
bc9fe04cf8703c69bcaad17513a6acb156a99b5533b255ae79339e36d5af224e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f2546c64513949ccf602aaaca6de58f8f85429be066f51a7a31c4c8a8c5273
f48c5f8deeb0331479bca66500a0a4e8ae2bf45cee2dbad0614629a5292b9010