retiree.alight.com
Open in
urlscan Pro
2620:1ec:bdf::44
Public Scan
Effective URL: https://retiree.alight.com/home.aspx
Submission: On October 17 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 27th 2023. Valid for: 6 months.
This is the only time retiree.alight.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com | |
ka-p.fontawesome.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com |
ASN16509 (AMAZON-02, US)
universal.iperceptions.com |
ASN18450 (WEBNX, US)
PTR: 64-140-160-2.static.webnx.com
geo.ipify.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
seal.digicert.com |
ASN16509 (AMAZON-02, US)
sd.iperceptions.com |
ASN16509 (AMAZON-02, US)
post.iperceptions.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
41 |
alight.com
6 redirects
retiree.alight.com — Cisco Umbrella Rank: 706754 |
3 MB |
14 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1848 ka-p.fontawesome.com — Cisco Umbrella Rank: 3839 |
34 KB |
8 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385 |
127 KB |
7 |
iperceptions.com
universal.iperceptions.com — Cisco Umbrella Rank: 14317 api.iperceptions.com — Cisco Umbrella Rank: 13019 sd.iperceptions.com — Cisco Umbrella Rank: 14200 post.iperceptions.com — Cisco Umbrella Rank: 42433 |
12 KB |
5 |
fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2459 rs.fullstory.com — Cisco Umbrella Rank: 2417 |
72 KB |
3 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250 |
354 B |
2 |
digicert.com
seal.digicert.com — Cisco Umbrella Rank: 11407 |
12 KB |
2 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 248 |
755 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
164 KB |
2 |
aon.com
2 redirects
retiree.aon.com |
422 B |
1 |
azureedge.net
art.azureedge.net — Cisco Umbrella Rank: 80270 |
2 KB |
1 |
ipify.org
geo.ipify.org — Cisco Umbrella Rank: 191095 |
608 B |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 456 |
28 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 655 |
304 B |
82 | 14 |
Domain | Requested by | |
---|---|---|
41 | retiree.alight.com |
6 redirects
retiree.alight.com
|
13 | ka-p.fontawesome.com |
retiree.alight.com
|
8 | cdn.cookielaw.org |
retiree.alight.com
|
3 | region1.google-analytics.com |
www.googletagmanager.com
|
3 | universal.iperceptions.com |
retiree.alight.com
|
3 | rs.fullstory.com |
retiree.alight.com
|
2 | api.iperceptions.com |
retiree.alight.com
|
2 | seal.digicert.com |
retiree.alight.com
|
2 | bam.nr-data.net |
retiree.alight.com
|
2 | www.googletagmanager.com |
retiree.alight.com
|
2 | edge.fullstory.com |
retiree.alight.com
|
2 | retiree.aon.com | 2 redirects |
1 | post.iperceptions.com |
retiree.alight.com
|
1 | art.azureedge.net |
retiree.alight.com
|
1 | sd.iperceptions.com |
retiree.alight.com
|
1 | geo.ipify.org |
retiree.alight.com
|
1 | js-agent.newrelic.com |
retiree.alight.com
|
1 | geolocation.onetrust.com |
retiree.alight.com
|
1 | kit.fontawesome.com |
retiree.alight.com
|
82 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.alight.com |
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
retiree.alight.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2023-09-27 - 2024-03-27 |
6 months | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2023-04-01 - 2024-03-31 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2022-12-13 - 2023-12-13 |
a year | crt.sh |
edge.fullstory.com GTS CA 1D4 |
2023-09-18 - 2023-12-17 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
rs.fullstory.com GTS CA 1D4 |
2023-09-13 - 2023-12-12 |
3 months | crt.sh |
*.iperceptions.com Amazon RSA 2048 M01 |
2023-02-13 - 2024-03-13 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-04-13 - 2024-05-14 |
a year | crt.sh |
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-18 - 2023-12-19 |
a year | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-07 - 2024-06-05 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2023-05-05 - 2024-04-28 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://retiree.alight.com/home.aspx
Frame ID: AD8DF0C5AE348A95B489E142EF427AAB
Requests: 87 HTTP requests in this frame
Frame:
https://universal.iperceptions.com/iFrame.html
Frame ID: E362AEFFE764617BF34567FB58382924
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
AlightHome | Alight Retiree Health Solutions Back ButtonFilter ButtonPage URL History Show full URLs
-
http://retiree.aon.com/
HTTP 307
https://retiree.aon.com/ HTTP 308
https://retiree.alight.com/ HTTP 302
https://retiree.alight.com/home.aspx Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- \.aspx?(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Cookie Notice
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://retiree.aon.com/
HTTP 307
https://retiree.aon.com/ HTTP 308
https://retiree.alight.com/ HTTP 302
https://retiree.alight.com/home.aspx Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 72- https://retiree.alight.com/CMSPages/GetFile.aspx?guid=035d9cbb-eda3-43bf-9591-70b6ce674406 HTTP 301
- https://retiree.alight.com/AonExchange/files/03/035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
- https://retiree.alight.com/CMSPages/GetFile.aspx?guid=edc4293a-2cd0-4944-b24b-e1ba199be663 HTTP 301
- https://retiree.alight.com/AonExchange/files/ed/edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
- https://retiree.alight.com/CMSPages/GetFile.aspx?guid=a12560d9-900c-4175-992a-00c41597b733 HTTP 301
- https://retiree.alight.com/AonExchange/files/a1/a12560d9-900c-4175-992a-00c41597b733.jpg
- https://retiree.alight.com/CMSPages/GetFile.aspx?guid=d13015a8-411a-4b85-b0cc-00a19eba6543 HTTP 301
- https://retiree.alight.com/AonExchange/files/d1/d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
- https://retiree.alight.com/CMSPages/GetFile.aspx?guid=38156f88-647b-489f-a07f-e1b781d091c4 HTTP 301
- https://retiree.alight.com/AonExchange/files/38/38156f88-647b-489f-a07f-e1b781d091c4.jpg
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
home.aspx
retiree.alight.com/ Redirect Chain
|
687 KB 689 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OtAutoBlock.js
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/ |
119 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/ |
19 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
019f6c532e.js
kit.fontawesome.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
retiree.alight.com/CMSCSSStyleSheets/Arhe/ |
748 KB 750 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebResource.axd
retiree.alight.com/ |
23 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.axd
retiree.alight.com/ |
100 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.axd
retiree.alight.com/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f8e5873f-d090-434e-bcf9-89a003fc4489.json
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
59 B 304 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v6.4.2/js/ |
27 KB 8 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.js
ka-p.fontawesome.com/releases/v6.4.2/js/ |
60 KB 18 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs.js
edge.fullstory.com/s/ |
245 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/ |
334 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ArheMainScriptsCombined_A23FAF567EB28FD34C0F834DA11ACCE8.js
retiree.alight.com/CMSWebParts/AonExchange/GeneratedScripts/ |
490 KB 491 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Arhe_ARHE_AlightHomePageScriptsCombined_DABCF79A2ECAB95C1921DF6CC2FF9D54.js
retiree.alight.com/CMSWebParts/AonExchange/GeneratedScripts/ |
752 KB 754 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wl-chevron-left-blue.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wl-chevron-right-blue.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/ddc8e287-e73a-448e-99f3-d6d09bbf2d7c/ |
42 KB 11 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
253 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FSThriveElliot-Regular.woff2
retiree.alight.com/CMSCSSStyleSheets/fonts/ |
27 KB 28 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Image
img/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Image
img/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
175 KB 175 KB |
Image
img/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
767 B 767 B |
Image
img/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
12 KB 12 KB |
Image
img/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web
edge.fullstory.com/s/settings/P9391/v1/ |
6 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ |
13 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ |
47 KB 12 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
page
rs.fullstory.com/rec/ |
7 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wrapper.js
universal.iperceptions.com/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xmark.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/ |
511 B 444 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
GetSecurityTokenViewModel
retiree.alight.com/API/SecurityToken/ |
226 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
GetArhePageSetupClientViewModel
retiree.alight.com/API/PageSetup/ |
79 KB 19 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
GetHomePageViewModel
retiree.alight.com/API/Home/ |
8 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ArheLoginClientViewModel
retiree.alight.com/API/Login/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
817 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FSThriveElliot-Bold.woff2
retiree.alight.com/CMSCSSStyleSheets/fonts/ |
27 KB 28 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1.244.0.min.js
js-agent.newrelic.com/ |
84 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iFrame.html
universal.iperceptions.com/ Frame E362 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-2699f324357c4dcc42e
bam.nr-data.net/1/ |
40 B 408 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v1
geo.ipify.org/api/ |
393 B 608 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
271 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-down.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
559 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ArheCartViewModel
retiree.alight.com/API/SharedPopup/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
seal.min.js
seal.digicert.com/seals/cascade/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ClearClientUserProfileData
retiree.alight.com/API/PageSetup/ |
2 B 862 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xmark.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/ |
485 B 389 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-left.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/ |
404 B 361 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
file-pdf.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/ |
946 B 601 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-right.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/ |
405 B 336 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cart-shopping.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/ |
767 B 556 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Alight_Logo.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cart-icon.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
empty-cart-icon.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InviteTriggers
api.iperceptions.com/ |
241 B 305 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
InviteTriggers
api.iperceptions.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 246 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FSThriveElliot-BoldItalic.woff2
retiree.alight.com/CMSCSSStyleSheets/fonts/ |
27 KB 28 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
686 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YGT_Bean_Glow.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
150 KB 151 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PB_Squash_Glow.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
115 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show-password-icon.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
purple-border.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
113 B 997 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Slick.woff
retiree.alight.com/CMSCSSStyleSheets/fonts/ |
1 KB 2 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circle-exclamation.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/sharp-solid/ |
357 B 380 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-left.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ |
413 B 372 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-right.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ |
416 B 346 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circle-xmark.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/ |
528 B 390 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-up-right-from-square.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/ |
646 B 478 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
button-contract-arrow.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
retiree.alight.com/AonExchange/files/03/ Redirect Chain
|
67 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
retiree.alight.com/AonExchange/files/ed/ Redirect Chain
|
69 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a12560d9-900c-4175-992a-00c41597b733.jpg
retiree.alight.com/AonExchange/files/a1/ Redirect Chain
|
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
retiree.alight.com/AonExchange/files/d1/ Redirect Chain
|
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
38156f88-647b-489f-a07f-e1b781d091c4.jpg
retiree.alight.com/AonExchange/files/38/ Redirect Chain
|
41 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
closebirdie.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/ |
324 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IpEngine_v79.0.js
universal.iperceptions.com/core/ |
12 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
SetMachineInfo
retiree.alight.com/API/PageSetup/ |
4 B 864 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
35298_638283191199328257
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
seal.digicert.com/seals/cascade/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-2699f324357c4dcc42e
bam.nr-data.net/events/1/ |
24 B 347 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v2
rs.fullstory.com/rec/bundle/ |
29 B 91 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
harvest_35298.js
art.azureedge.net/harvest/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip.gif
post.iperceptions.com/ |
32 B 571 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
v2
rs.fullstory.com/rec/bundle/ |
29 B 43 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
155 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| NREUM object| webpackChunk:NRBA-1.244.0.PROD object| newrelic string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| FontAwesomeKitConfig boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| otStubData object| a function| e object| ___FONT_AWESOME___ object| fontawesome-pro-shims object| FontAwesomeConfig object| FontAwesome object| theForm function| __doPostBack object| OneTrustStub function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY number| remindTimer number| redirectTimer number| sessionTimeReminder number| sessionTimeout function| doReminder function| doRedirect function| PM_Postback function| PM_Callback function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| CMS string| gTagAccount string| _fs_loaded function| _fs_shutdown object| EXCHANGE function| $ function| jQuery function| Tether object| jQuery111106849737154234112 object| picturefillCFG function| picturefill object| Prism object| Modernizr object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data object| icPatronChat function| debounce function| UAParser object| ko function| moment object| mutate_event_stack object| mutate function| Inputmask function| extendDefaults function| extendDefinitions function| extendAliases function| format function| unmask function| isValid function| remove function| setValue function| dependencyLib function| callBaseMethod function| getBaseMethod function| getBaseType function| getInterfaces function| getName function| implementsInterface function| inheritsFrom function| initializeBase function| isImplementedBy function| isInstanceOfType function| registerClass function| registerInterface function| resolveInheritance function| registerEnum string| callBackFrameUrl string| iperceptionskey boolean| trustedSealEnabled object| __dcid function| loadTrustedSeal object| iPerceptions function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| __Cascade string| prop object| ipDef function| initharvest number| j object| trigger number| rate boolean| result object| condition object| SEAC15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
retiree.alight.com/ | Name: CMSPreferredCulture Value: en-US |
|
retiree.alight.com/ | Name: CMSCsrfCookie Value: Wtv85jxMAp/ZefCH9ITLCpr+CBLiJ7lDCuYSvCcb |
|
retiree.alight.com/ | Name: ASP.NET_SessionId Value: jqde30oz2q1idaidgfjegkln |
|
retiree.alight.com/ | Name: __RequestVerificationToken_Lw__ Value: 6ixxjWimC4R85T4N99CYmCt56WpH0JCYHiEO8mtcxU4ZQoQi4f+HzRiZ6jQim25Vwiv+Uxs88I4ZplgpnLNxrFMYGSTdXrK8VUSYmigNKPU= |
|
.retiree.alight.com/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Oct+17+2023+08%3A54%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=6.31.0&hosts=&consentId=a5f61ad9-e007-46f4-a829-bccc86910a47&interactionCount=0&landingPath=https%3A%2F%2Fretiree.alight.com%2Fhome.aspx&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CBG9%3A0%2CC0004%3A0 |
|
.alight.com/ | Name: fs_lua Value: 1.1697525695522 |
|
.alight.com/ | Name: fs_uid Value: #P9391#6dc3403a-6a63-4d84-a518-fc7b7ecd720e:83a77d20-e906-46f7-b29c-7740f257ffa2:1697525695522::1#/1729061694 |
|
retiree.alight.com/ | Name: ipe_s Value: d2d4af09-5470-aaae-26be-d0588071eef3 |
|
.alight.com/ | Name: _ga Value: GA1.1.1012807058.1697525696 |
|
.alight.com/ | Name: _ga_JLJ1NLJ4HL Value: GS1.1.1697525696.1.0.1697525696.0.0.0 |
|
retiree.alight.com/ | Name: ipe.35298.pageViewedCount Value: 1 |
|
retiree.alight.com/ | Name: ipe.35298.pageViewedDay Value: 290 |
|
retiree.alight.com/ | Name: ipe_35298_fov Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%22d2d4af09-5470-aaae-26be-d0588071eef3%22%2C%22expiry%22%3A%222023-11-16T07%3A54%3A56.639Z%22%2C%22lastVisit%22%3A%222023-10-17T06%3A54%3A56.639Z%22%7D |
|
.universal.iperceptions.com/ | Name: iperceptions.com Value: [{"id":"ceeac950-5ba3-4899-848d-46c2da5ccbb6","history":[],"visitors":[{"id":"6130223866","time":"2023-10-17T06:54:56.332Z","host":"retiree.alight.com"}]}] |
|
retiree.alight.com/ | Name: ipe_v Value: 257fb207-1a60-171c-d660-9f8f5e64413d |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com; |
Strict-Transport-Security | max-age=31536000;includeSubDomains;preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.iperceptions.com
art.azureedge.net
bam.nr-data.net
cdn.cookielaw.org
edge.fullstory.com
geo.ipify.org
geolocation.onetrust.com
js-agent.newrelic.com
ka-p.fontawesome.com
kit.fontawesome.com
post.iperceptions.com
region1.google-analytics.com
retiree.alight.com
retiree.aon.com
rs.fullstory.com
sd.iperceptions.com
seal.digicert.com
universal.iperceptions.com
www.googletagmanager.com
151.101.66.137
162.247.243.29
2001:4860:4802:34::36
2600:9000:2156:7e00:18:ee0c:6e00:93a1
2600:9000:223c:ce00:15:bf9a:3f00:93a1
2600:9000:2250:7600:8:e7ba:7440:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::6812:2089
2606:4700::6812:1734
2606:4700::6812:82ec
2620:1ec:46::44
2620:1ec:bdf::44
2a00:1450:4001:812::2008
35.186.194.58
35.201.112.186
52.138.200.61
63.33.186.64
64.140.160.2
00d444ebc9bcba7a2f549b85fcb4c8d6c05de356509edfcf03dec7e890699e0e
041fb5632f5352d696490d2f07c3b2302007a254a1d583c4a587458cb2293fb4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0da9bffd1f41361d4480bcf7d1a9a37d43c43fcf9f0b32dc0c025b2a38cff56f
0ed5d1be2f0bcf06c6dcccff96c456cf00dd465db4b2076be666e0ad1fa475e9
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
1f0884b12c7d540f6f995ffa6664d5449d075c1ab2a0bfc7ace1df69b2761d84
202d124cfbdf21fb5f5d09094c9b9ab6523960595e009145765e24bc4050971c
20927abb857974ff5bc2085d999feff2123fc7de639837c6aea90391a8216254
20b9b49225657fe3e2b81073c4e54ab2121adcaff02919a4b4e8ec67cd887f80
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
250edeeb37479a462b0caa0da69d9f047d5df94ca8c807d66f8da56da9518863
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2754224dc73acdb57aea115599ad71096451a80d5014361febdcf0304b6abb23
2ae49dfc718e3ce55345f5443ffc9ce3c02945ccbd01ac8feb5370ec50b59b40
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
39f239d7bd22ef9f58fcc15df57cb5f772528aac79fec14bdeac706da30a91c0
3c15b10745e344f1795ad4810c96f0fd1dec492f524f005e5773ed166f81bcfb
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
43f204a356ed90654339ca85bc6182287434df45360c816a290411fbe758f44b
47ed06660d112d0cde212f7fdd9da0f9047f278a884e02d8043ad96bb42bbe1b
4b29e20cd4cd9e8eca61474fa2ab8692e101dc176ce534f5f28c11a9dc5af730
5119bbc7fc1e593e4c275a67e2b57764fe25ede28b543976ba6109009cd39949
51e25f701e2cf2288ef9b9186f439db34640ddd8aee99381c142a5543908cf59
5253147a7ace1fd1bdeb28fecdf09a2dcf477b494cc55c542f59265369379c87
563c0cd4c323ca083d1dd21178f3841f170c347689782c4ce08104f0a8ed0faf
5a3c4ef7c595d366338a772ed5358f77a087e19bd45d21f98cc120e2c839d2fc
61b94b0781300ca6ab5a5c68eeb12da052460a3f91e821c5c0788be155bc7fde
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6815ea9e03f042ede0745bfc8c010f437e460c9384de103facfa2275d8cc15c6
6babdb1bd9bf92a9f0881ae0a7f6d9cc0141e311c1b581af41d5ca063ba2b6ac
6d418a48de537f80439923d4b1b90e931fddb140867a297aa32fba9f6095d0f9
6e33f1ce03c449c7acbc3100d99b8921118c217510d0232cf1979b0272535f07
7500f98e43ef5aae1b36ef61f2fbd90b28d4b89c8af5e80540b638f09422446e
7f4e3686905e069628a53878c3f581a1f0a471d9747f32c491d47bc507e2ae26
80d722d9f8280c386806275b20291baeb3d29750bc364f3235bb74fc2c964c27
81015bbab8119a851f5ebfc89748edabcec41a4608697326ce5ac53a1938f703
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
831b15100a8732c94a22e6a72596ad31785d3d06a584679e86f9d9e2b587f39b
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8687627cf52049bac6e3a169a0b2ce17c9c73307b10e5ab590d035820137501d
8b3d5769702d50d3aef0dc8b94ee66a9d6c7c52e69c4323fb50608f081c0b30c
9007992661f3ce823fb34f953e284ae9583c7bff59d333dc4b1b5459f32766c2
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
978216366bd92e15bc9af69032ed2a659bf2e481f8b63a1f88d860e73b084b3a
98b1f231195e1a6390091531f35528a61ba32f1932abe56dc0c5894f7c93388d
9b3c71f46ae90baf14a8869188b0000e5ced04f057b45b8ae29e8b1b9c25327e
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd
a12fcd86417c4717f60c258ff1a658c61211e4cb274921f5b111aa461bfe83e3
a22e20cc90f4444f8fc18b319e519be54f418a74bf6e9c8104e809a7c7860660
a381713d2790db7387e7724f8d84223dc4b71b62c446a7602e8b0e25f775aa64
a595e263cad7e70e8703a6f6070a59134a83b1da3124543d0079b36cbdbf7af5
a5e04224cfa1ad8a902257c361cf7e71e38e412026208343eec5ced3cfed71bb
a7acd8e348e369e1829d3d5766b4bb1857d9b0b2c54e608679c1fd86d228e90f
a9541f9adb61db432f7a65a5a38b40c2f4a5dcd231f9e6cd1b415c4220bcdcd4
ad0c2306b6eeb53ecb20e842025b448ea6ec856b21a02726977c068b8bdfae6f
af5d90056d84d4cd132fb6d0f9bf631649377cb6da2b2f6969f94883be67b96f
b1239bb1f3b34a013774f39ba4bf2a6e0ad7d4f976c60d145765cd9b2d58bc73
b2858cde7cd39d71202da58facba7eb7ae173c76bd29e9d3adffef7bcc8082dc
b594de64cb38e1dead7fbde0ecaec3cc5e86fcffe980a31a277a2882fd244d96
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
be08d11ef50b2b6ab9e3924f1f2b85e971c831b0c8a138411c37f53d3b5ecf0d
c26eddb2bc99914580ffcd6f4cfc58837123acbfee52b65691d7eb15032710ac
c364f26f9e540927b6a31835b0110152964dad05fc50ddf50b5c299281ae6df4
c3c968fd7c01c1db0d1d7301a8a84603450fa76fee4d69795d15ca80eb5f776a
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
d3bd7ac08708e9f9fd647c7e7d72cd7e4c1299434c4bdc8f28b296e72cf21d8f
d43ad62e16b8fa25405b751e8af3d9d60bd14180badc8a7615e7da005933cdb3
d6a94b6580523e611e6e1d26d0f2dba2eb74c3118e95e771ad28024c333d030f
d73a99607479c4fd167076ca8fd0778c4e9f3a9ce97aae575a5b484b056e9da7
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcaf41e4ab2cfa799c2386b54751c2bd361c6d1f7ed29b9151e9dd2d33b0c081
de2b416557703147016c099ab67953074024836f698996fa57b651b06befacaf
e1a49a42d7a77e3956a96a058bb7a947e0efac1d3e9c48971c7b40ba9cc7a845
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5244a2154829d30320f472d5f6d84add16940743f5991abd0e3ddcfc5c615dc
e5a90a9aa891f4e3b717cb8e14b564f6d0c51a4db04ca62c52ddc817cc132268
eab7f78614e2934b98c4deb139c0d3b01163cc8b627e0698b5ffaeee4575ea2b
ecdb55a158d5f0eb31e703d442076a1fafc59fa453511c0328c388c7ed10a004
f190917e79defe4a8dda533876be56431194f945f39f11ae7ba449f37c871ebe
f783b90e4dd36f8b17e4b89ae196db18ab98f40a7af29192094d0332f8795cfc
f918535e1b668e15e8204d386104130455167b66045311e4dfd272a38108b008
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
fe63153f01ff7db0a6dc83b4f7acc5ed06410021f2d302063e263727e88d3ff8