Submitted URL: http://retiree.aon.com/
Effective URL: https://retiree.alight.com/home.aspx
Submission: On October 17 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 82 HTTP transactions. The main IP is 2620:1ec:bdf::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is retiree.alight.com. The Cisco Umbrella rank of the primary domain is 706754.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 27th 2023. Valid for: 6 months.
This is the only time retiree.alight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2620:1ec:46::44 8075 (MICROSOFT...)
6 41 2620:1ec:bdf::44 8075 (MICROSOFT...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 35.201.112.186 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 35.186.194.58 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
1 64.140.160.2 18450 (WEBNX)
2 63.33.186.64 16509 (AMAZON-02)
2 52.138.200.61 8075 (MICROSOFT...)
3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
1 2600:9000:223... 16509 (AMAZON-02)
82 18
Apex Domain
Subdomains
Transfer
41 alight.com
retiree.alight.com — Cisco Umbrella Rank: 706754
3 MB
14 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1848
ka-p.fontawesome.com — Cisco Umbrella Rank: 3839
34 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385
127 KB
7 iperceptions.com
universal.iperceptions.com — Cisco Umbrella Rank: 14317
api.iperceptions.com — Cisco Umbrella Rank: 13019
sd.iperceptions.com — Cisco Umbrella Rank: 14200
post.iperceptions.com — Cisco Umbrella Rank: 42433
12 KB
5 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2459
rs.fullstory.com — Cisco Umbrella Rank: 2417
72 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
354 B
2 digicert.com
seal.digicert.com — Cisco Umbrella Rank: 11407
12 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 248
755 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
164 KB
2 aon.com
retiree.aon.com
422 B
1 azureedge.net
art.azureedge.net — Cisco Umbrella Rank: 80270
2 KB
1 ipify.org
geo.ipify.org — Cisco Umbrella Rank: 191095
608 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 456
28 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 655
304 B
82 14
Domain Requested by
41 retiree.alight.com 6 redirects retiree.alight.com
13 ka-p.fontawesome.com retiree.alight.com
8 cdn.cookielaw.org retiree.alight.com
3 region1.google-analytics.com www.googletagmanager.com
3 universal.iperceptions.com retiree.alight.com
3 rs.fullstory.com retiree.alight.com
2 api.iperceptions.com retiree.alight.com
2 seal.digicert.com retiree.alight.com
2 bam.nr-data.net retiree.alight.com
2 www.googletagmanager.com retiree.alight.com
2 edge.fullstory.com retiree.alight.com
2 retiree.aon.com 2 redirects
1 post.iperceptions.com retiree.alight.com
1 art.azureedge.net retiree.alight.com
1 sd.iperceptions.com retiree.alight.com
1 geo.ipify.org retiree.alight.com
1 js-agent.newrelic.com retiree.alight.com
1 geolocation.onetrust.com retiree.alight.com
1 kit.fontawesome.com retiree.alight.com
82 19

This site contains links to these domains. Also see Links.

Domain
www.alight.com
www.onetrust.com
Subject Issuer Validity Valid
retiree.alight.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-09-27 -
2024-03-27
6 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
edge.fullstory.com
GTS CA 1D4
2023-09-18 -
2023-12-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
rs.fullstory.com
GTS CA 1D4
2023-09-13 -
2023-12-12
3 months crt.sh
*.iperceptions.com
Amazon RSA 2048 M01
2023-02-13 -
2024-03-13
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2023-02-07 -
2024-02-18
a year crt.sh
seal.digicert.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-06-05
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2023-05-05 -
2024-04-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://retiree.alight.com/home.aspx
Frame ID: AD8DF0C5AE348A95B489E142EF427AAB
Requests: 87 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: E362AEFFE764617BF34567FB58382924
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

AlightHome | Alight Retiree Health Solutions Back ButtonFilter Button

Page URL History Show full URLs

  1. http://retiree.aon.com/ HTTP 307
    https://retiree.aon.com/ HTTP 308
    https://retiree.alight.com/ HTTP 302
    https://retiree.alight.com/home.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

82
Requests

94 %
HTTPS

61 %
IPv6

14
Domains

19
Subdomains

18
IPs

3
Countries

4104 kB
Transfer

5411 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://retiree.aon.com/ HTTP 307
    https://retiree.aon.com/ HTTP 308
    https://retiree.alight.com/ HTTP 302
    https://retiree.alight.com/home.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=035d9cbb-eda3-43bf-9591-70b6ce674406 HTTP 301
  • https://retiree.alight.com/AonExchange/files/03/035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
Request Chain 73
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=edc4293a-2cd0-4944-b24b-e1ba199be663 HTTP 301
  • https://retiree.alight.com/AonExchange/files/ed/edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
Request Chain 74
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=a12560d9-900c-4175-992a-00c41597b733 HTTP 301
  • https://retiree.alight.com/AonExchange/files/a1/a12560d9-900c-4175-992a-00c41597b733.jpg
Request Chain 75
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=d13015a8-411a-4b85-b0cc-00a19eba6543 HTTP 301
  • https://retiree.alight.com/AonExchange/files/d1/d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
Request Chain 76
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=38156f88-647b-489f-a07f-e1b781d091c4 HTTP 301
  • https://retiree.alight.com/AonExchange/files/38/38156f88-647b-489f-a07f-e1b781d091c4.jpg

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request home.aspx
retiree.alight.com/
Redirect Chain
  • http://retiree.aon.com/
  • https://retiree.aon.com/
  • https://retiree.alight.com/
  • https://retiree.alight.com/home.aspx
687 KB
689 KB
Document
General
Full URL
https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5e04224cfa1ad8a902257c361cf7e71e38e412026208343eec5ced3cfed71bb
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-store, must-revalidate
content-length
703365
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 06:54:51 GMT
includesubdomains
preload
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-azure-ref
20231017T065451Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e3ze
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge

Redirect headers

cache-control
private, no-store, must-revalidate
content-length
127
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 06:54:51 GMT
includesubdomains
preload
location
/home.aspx
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-azure-ref
20231017T065450Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e3ww
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
OtAutoBlock.js
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/
119 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/OtAutoBlock.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3bd7ac08708e9f9fd647c7e7d72cd7e4c1299434c4bdc8f28b296e72cf21d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15565
content-md5
A0hH6U5AcPyU4gQREyJpeg==
content-length
8261
x-ms-lease-status
unlocked
last-modified
Sat, 24 Sep 2022 16:28:50 GMT
server
cloudflare
etag
0x8DA9E49DCFEA0DF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
99d290a9-d01e-00b1-46bb-a5209b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a1f4398dbb49-FRA
expires
Wed, 18 Oct 2023 06:54:51 GMT
otSDKStub.js
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/
19 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/otSDKStub.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a94b6580523e611e6e1d26d0f2dba2eb74c3118e95e771ad28024c333d030f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
49097
content-md5
5IB+hAMYNeAlO/WhETFjlQ==
content-length
6495
x-ms-lease-status
unlocked
last-modified
Sat, 24 Sep 2022 16:28:50 GMT
server
cloudflare
etag
0x8DA9E49DCF4DE2A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ff1c44cd-501e-00cd-23e1-5abdae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a1f4398fbb49-FRA
expires
Wed, 18 Oct 2023 06:54:51 GMT
019f6c532e.js
kit.fontawesome.com/
11 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/019f6c532e.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3d5769702d50d3aef0dc8b94ee66a9d6c7c52e69c4323fb50608f081c0b30c

Request headers

Referer
https://retiree.alight.com/
Origin
https://retiree.alight.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8176a1f44db43661-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F3ertS2elUCt314BpNBB
Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
retiree.alight.com/CMSCSSStyleSheets/Arhe/
748 KB
750 KB
Stylesheet
General
Full URL
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b29e20cd4cd9e8eca61474fa2ab8692e101dc176ce534f5f28c11a9dc5af730
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:52 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 16 Oct 2023 09:03:00 GMT
etag
"e5701d90f0da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065451Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e414
content-type
text/css
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
765695
WebResource.axd
retiree.alight.com/
23 KB
23 KB
Script
General
Full URL
https://retiree.alight.com/WebResource.axd?d=VRye66N46GYmJkLCJpgq4_XwRgnX7hsG_iSgy_hSyyWwmnco_BR_VqQTuxQSmSPldjFYSpTwRLS7_SIQx-TrZ_UokuFcW3rx0&t=638259224865233147
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:52 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Wed, 26 Jul 2023 02:44:37 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065451Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e415
content-type
application/x-javascript
x-cache
CONFIG_NOCACHE
cache-control
public
includesubdomains
preload
accept-ranges
bytes
content-length
23063
expires
Tue, 15 Oct 2024 09:23:21 GMT
ScriptResource.axd
retiree.alight.com/
100 KB
26 KB
Script
General
Full URL
https://retiree.alight.com/ScriptResource.axd?d=Oz0wpEp1Bd9hKmgXL1py1DPAWKsbYgnW7tH3ek9lpDT447qDtI4LkjR22my_XTAU8aD59-UWsd-abNMjvxAwneDQf0mJ7oCkUcRKR6O9U6fK0aIboTdaCcy5gtPuQlw12tef9l-vPxsI3gAfJ1AQDh0BlHa2_iU6GEapLro_TQk1&t=ffffffffb1d0f179
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
last-modified
Mon, 16 Oct 2023 09:06:57 GMT
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065451Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e416
content-type
application/x-javascript
x-cache
CONFIG_NOCACHE
cache-control
public
includesubdomains
preload
accept-ranges
bytes
content-length
25609
expires
Tue, 15 Oct 2024 09:06:57 GMT
ScriptResource.axd
retiree.alight.com/
39 KB
11 KB
Script
General
Full URL
https://retiree.alight.com/ScriptResource.axd?d=WTZsf9KlUjuWUJxwaa7S7aLIP0qziYOMWpBgEk7_HU32mF9biRLQNRIvhSKQNve1biNfyUARxBC8S3PZ9TNOgqqdroamWmm2XpvzBKmJzpNIAs64YuQm62PSuRgQR9Vxryi0UBgHxVQ_9fgneWrQAn_KRCWhEJeTIgiKe-_KDWDnnaDaXHAgrQ2&t=ffffffffb1d0f179
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
last-modified
Mon, 16 Oct 2023 09:23:01 GMT
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065451Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e417
content-type
application/x-javascript
x-cache
CONFIG_NOCACHE
cache-control
public
includesubdomains
preload
accept-ranges
bytes
content-length
9984
expires
Tue, 15 Oct 2024 09:23:01 GMT
f8e5873f-d090-434e-bcf9-89a003fc4489.json
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/f8e5873f-d090-434e-bcf9-89a003fc4489.json
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcaf41e4ab2cfa799c2386b54751c2bd361c6d1f7ed29b9151e9dd2d33b0c081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
CEDS3yNgxpJ750qpm98jfQ==
content-length
1497
x-ms-lease-status
unlocked
last-modified
Sat, 24 Sep 2022 16:28:50 GMT
server
cloudflare
etag
0x8DA9E49DCF3A5CE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f762292f-d01e-00dc-3a02-978ab5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a1f49ce29256-FRA
expires
Wed, 18 Oct 2023 06:54:51 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8176a1f5283e5bf9-FRA
access-control-allow-headers
Content-Type
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v6.4.2/js/
27 KB
8 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/js/pro-v4-shims.min.js?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754224dc73acdb57aea115599ad71096451a80d5014361febdcf0304b6abb23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:07:59 GMT
server
cloudflare
age
6516345
etag
"64c9580f-1ddc"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
cf-ray
8176a1f53e8a3661-FRA
content-length
7644
pro.min.js
ka-p.fontawesome.com/releases/v6.4.2/js/
60 KB
18 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/js/pro.min.js?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7acd8e348e369e1829d3d5766b4bb1857d9b0b2c54e608679c1fd86d228e90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:07:59 GMT
server
cloudflare
age
6516711
etag
"64c9580f-4555"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
cf-ray
8176a1f53e883661-FRA
content-length
17749
fs.js
edge.fullstory.com/s/
245 KB
68 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
978216366bd92e15bc9af69032ed2a659bf2e481f8b63a1f88d860e73b084b3a

Request headers

Referer
https://retiree.alight.com/
Origin
https://retiree.alight.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:21:42 GMT
content-encoding
br
age
1992
x-guploader-uploadid
ADPycdvKsHRfm7U8reG7RcvOfSpOIavIb2lb4dYaZw8Wzq9gqoGX5d9pJNRx4r_-Cm2BlAC1OYUrfwE1W6jItcttOO8s5g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68636
last-modified
Wed, 11 Oct 2023 15:27:31 GMT
server
UploadServer
etag
"98c13ba5b0f4483979aa81f3bbec729f"
vary
Accept-Encoding
x-goog-generation
1697038051258311
x-goog-hash
crc32c=IqJd/A==, md5=mME7pbD0SDl5qoHzu+xynw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
68636
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 17 Oct 2023 07:21:42 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/
334 KB
79 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
5810
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
80955
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:24 GMT
server
cloudflare
etag
0x8DA032EC5D12B02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c2c2504-801e-00c4-7de1-5aa720000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a20648f1bb49-FRA
ArheMainScriptsCombined_A23FAF567EB28FD34C0F834DA11ACCE8.js
retiree.alight.com/CMSWebParts/AonExchange/GeneratedScripts/
490 KB
491 KB
Script
General
Full URL
https://retiree.alight.com/CMSWebParts/AonExchange/GeneratedScripts/ArheMainScriptsCombined_A23FAF567EB28FD34C0F834DA11ACCE8.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00d444ebc9bcba7a2f549b85fcb4c8d6c05de356509edfcf03dec7e890699e0e
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 16 Oct 2023 09:02:50 GMT
etag
"a93d168af0da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065454Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4k6
content-type
application/javascript
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
501608
Arhe_ARHE_AlightHomePageScriptsCombined_DABCF79A2ECAB95C1921DF6CC2FF9D54.js
retiree.alight.com/CMSWebParts/AonExchange/GeneratedScripts/
752 KB
754 KB
Script
General
Full URL
https://retiree.alight.com/CMSWebParts/AonExchange/GeneratedScripts/Arhe_ARHE_AlightHomePageScriptsCombined_DABCF79A2ECAB95C1921DF6CC2FF9D54.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2858cde7cd39d71202da58facba7eb7ae173c76bd29e9d3adffef7bcc8082dc
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 16 Oct 2023 09:22:29 GMT
etag
"d12dc48120da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065454Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4k7
content-type
application/javascript
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
770196
wl-chevron-left-blue.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
5 KB
6 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/wl-chevron-left-blue.png
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a595e263cad7e70e8703a6f6070a59134a83b1da3124543d0079b36cbdbf7af5
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Sat, 05 Aug 2023 12:42:17 GMT
etag
"945376449ac7d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065454Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4k9
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
5031
wl-chevron-right-blue.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
5 KB
6 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/wl-chevron-right-blue.png
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ed5d1be2f0bcf06c6dcccff96c456cf00dd465db4b2076be666e0ad1fa475e9
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Sat, 05 Aug 2023 12:42:16 GMT
etag
"9f7345449ac7d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065454Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4ka
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
5085
en.json
cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/ddc8e287-e73a-448e-99f3-d6d09bbf2d7c/
42 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/f8e5873f-d090-434e-bcf9-89a003fc4489/ddc8e287-e73a-448e-99f3-d6d09bbf2d7c/en.json
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da9bffd1f41361d4480bcf7d1a9a37d43c43fcf9f0b32dc0c025b2a38cff56f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
aAn7cQ58ypRY9dzkz5DcVA==
content-length
11360
x-ms-lease-status
unlocked
last-modified
Sat, 24 Sep 2022 16:29:00 GMT
server
cloudflare
etag
0x8DA9E49E2CC88A7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5dfe606b-001e-00a9-4ac9-e8f8f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a206c98e9256-FRA
expires
Wed, 18 Oct 2023 06:54:54 GMT
gtm.js
www.googletagmanager.com/
253 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSK3XDD
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20927abb857974ff5bc2085d999feff2123fc7de639837c6aea90391a8216254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75289
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Oct 2023 06:54:54 GMT
FSThriveElliot-Regular.woff2
retiree.alight.com/CMSCSSStyleSheets/fonts/
27 KB
28 KB
Font
General
Full URL
https://retiree.alight.com/CMSCSSStyleSheets/fonts/FSThriveElliot-Regular.woff2
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9007992661f3ce823fb34f953e284ae9583c7bff59d333dc4b1b5459f32766c2
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Origin
https://retiree.alight.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Thu, 12 Oct 2023 22:36:40 GMT
etag
"04c42915cfdd91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065454Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4kq
content-type
application/x-font-woff
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
27456
truncated
/
10 KB
10 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81015bbab8119a851f5ebfc89748edabcec41a4608697326ce5ac53a1938f703

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
img/png
truncated
/
13 KB
13 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c15b10745e344f1795ad4810c96f0fd1dec492f524f005e5773ed166f81bcfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
img/png
truncated
/
175 KB
175 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22e20cc90f4444f8fc18b319e519be54f418a74bf6e9c8104e809a7c7860660

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
img/png
truncated
/
767 B
767 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8687627cf52049bac6e3a169a0b2ce17c9c73307b10e5ab590d035820137501d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
img/png
truncated
/
12 KB
12 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c364f26f9e540927b6a31835b0110152964dad05fc50ddf50b5c299281ae6df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
img/png
web
edge.fullstory.com/s/settings/P9391/v1/
6 KB
2 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/P9391/v1/web
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5a90a9aa891f4e3b717cb8e14b564f6d0c51a4db04ca62c52ddc817cc132268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:54 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtFL1CgUHKv6vi8krc9QXv9NEQMyZYwKvUwE1qDIvCgxQwwEY72AG1Oye7OVIgLI6G3OyF1SzOdO5kNScH8E519XA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1652
last-modified
Tue, 17 Oct 2023 06:47:37 GMT
server
UploadServer
etag
"2c180df328d7f4d953594b56ea8aa59d"
x-goog-generation
1697525257673681
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=gEJYTg==, md5=LBgN8yjX9NlTWUtW6oqlnQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1652
accept-ranges
bytes
expires
Tue, 17 Oct 2023 07:09:54 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otFlat.json
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
EXbJt9InrxA+LlZTe81nFg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2960
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:13 GMT
server
cloudflare
etag
0x8DA032EBEE58F18
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
48cb6570-101e-0060-4312-979dc4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a2080a7d9256-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/
47 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcTab.json
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f204a356ed90654339ca85bc6182287434df45360c816a290411fbe758f44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yGkHGGkDGRSmFsV+5CYH1w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11907
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:16 GMT
server
cloudflare
etag
0x8DA032EC0BD3EF5
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
99d55f1d-d01e-00b1-78bd-a5209b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8176a2080a7e9256-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2HSefDmVwJneRQMu6SXIPw==
age
47649
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
38ab718e-f01e-002b-3983-ebb94f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8176a2080a809256-FRA
page
rs.fullstory.com/rec/
7 KB
2 KB
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f783b90e4dd36f8b17e4b89ae196db18ab98f40a7af29192094d0332f8795cfc

Request headers

Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://retiree.alight.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1849
wrapper.js
universal.iperceptions.com/
9 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:53:23 GMT
content-encoding
gzip
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
content-md5
d5YIeO59lrTqhttidyvULA==
age
91
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
last-modified
Mon, 22 Mar 2021 18:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
18977c18-a01e-0043-3ac6-00c321000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
DjA9TRC3imhYIqpKg6UKSb7b2WsiA7yZ2iuLveop31jhZh0SCag3tQ==
xmark.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/
511 B
444 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/light/xmark.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f239d7bd22ef9f58fcc15df57cb5f772528aac79fec14bdeac706da30a91c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:12:23 GMT
server
cloudflare
age
6516348
etag
W/"64c95917-1ff"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
8176a20b3b3f3661-FRA
GetSecurityTokenViewModel
retiree.alight.com/API/SecurityToken/
226 B
1 KB
XHR
General
Full URL
https://retiree.alight.com/API/SecurityToken/GetSecurityTokenViewModel
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a381713d2790db7387e7724f8d84223dc4b71b62c446a7602e8b0e25f775aa64
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-c154144d452292f0----1697525695243
traceparent
00-4e226cc854ded362e1fc7a647ca80600-c154144d452292f0-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6ImMxNTQxNDRkNDUyMjkyZjAiLCJ0ciI6IjRlMjI2Y2M4NTRkZWQzNjJlMWZjN2E2NDdjYTgwNjAwIiwidGkiOjE2OTc1MjU2OTUyNDMsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4pg
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
221
GetArhePageSetupClientViewModel
retiree.alight.com/API/PageSetup/
79 KB
19 KB
XHR
General
Full URL
https://retiree.alight.com/API/PageSetup/GetArhePageSetupClientViewModel
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de2b416557703147016c099ab67953074024836f698996fa57b651b06befacaf
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-649e02704c6eb2a6----1697525695452
traceparent
00-16ee8ba0265ad1ac458abd5ec2725b00-649e02704c6eb2a6-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6IjY0OWUwMjcwNGM2ZWIyYTYiLCJ0ciI6IjE2ZWU4YmEwMjY1YWQxYWM0NThhYmQ1ZWMyNzI1YjAwIiwidGkiOjE2OTc1MjU2OTU0NTIsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest
__RequestVerificationToken
tlK0Yj5tiqBoGvhYChCREEgmg8RMqVjRYDslJPjwg1d0IwPT69ngbkRCthn6txHhZ6t9j/EGPV0e0utBZEh7Iw2yLIM1nMuiO3yJTEmJKRM=

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4qt
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
18117
GetHomePageViewModel
retiree.alight.com/API/Home/
8 KB
3 KB
XHR
General
Full URL
https://retiree.alight.com/API/Home/GetHomePageViewModel
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
61b94b0781300ca6ab5a5c68eeb12da052460a3f91e821c5c0788be155bc7fde
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-5db65938c2e27b3a----1697525695455
traceparent
00-375010523700a366e54088bdac237d00-5db65938c2e27b3a-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6IjVkYjY1OTM4YzJlMjdiM2EiLCJ0ciI6IjM3NTAxMDUyMzcwMGEzNjZlNTQwODhiZGFjMjM3ZDAwIiwidGkiOjE2OTc1MjU2OTU0NTUsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest
__RequestVerificationToken
tlK0Yj5tiqBoGvhYChCREEgmg8RMqVjRYDslJPjwg1d0IwPT69ngbkRCthn6txHhZ6t9j/EGPV0e0utBZEh7Iw2yLIM1nMuiO3yJTEmJKRM=

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4qu
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
2729
ArheLoginClientViewModel
retiree.alight.com/API/Login/
2 KB
2 KB
XHR
General
Full URL
https://retiree.alight.com/API/Login/ArheLoginClientViewModel
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5253147a7ace1fd1bdeb28fecdf09a2dcf477b494cc55c542f59265369379c87
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-8e685e703acc6917----1697525695456
traceparent
00-6555beb06b2318602ebb6b4964803b00-8e685e703acc6917-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6IjhlNjg1ZTcwM2FjYzY5MTciLCJ0ciI6IjY1NTViZWIwNmIyMzE4NjAyZWJiNmI0OTY0ODAzYjAwIiwidGkiOjE2OTc1MjU2OTU0NTYsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest
__RequestVerificationToken
tlK0Yj5tiqBoGvhYChCREEgmg8RMqVjRYDslJPjwg1d0IwPT69ngbkRCthn6txHhZ6t9j/EGPV0e0utBZEh7Iw2yLIM1nMuiO3yJTEmJKRM=

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4qv
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
1001
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
FSThriveElliot-Bold.woff2
retiree.alight.com/CMSCSSStyleSheets/fonts/
27 KB
28 KB
Font
General
Full URL
https://retiree.alight.com/CMSCSSStyleSheets/fonts/FSThriveElliot-Bold.woff2
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20b9b49225657fe3e2b81073c4e54ab2121adcaff02919a4b4e8ec67cd887f80
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Origin
https://retiree.alight.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Thu, 12 Oct 2023 22:36:40 GMT
etag
"04c42915cfdd91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4qz
content-type
application/x-font-woff
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
27692
nr-spa-1.244.0.min.js
js-agent.newrelic.com/
84 KB
28 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.244.0.min.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b594de64cb38e1dead7fbde0ecaec3cc5e86fcffe980a31a277a2882fd244d96
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
ZpbvAzso1vE68JD5ulMc_SWMwuP6aNuX
content-encoding
br
via
1.1 varnish
date
Tue, 17 Oct 2023 06:54:55 GMT
strict-transport-security
max-age=300
x-amz-request-id
71FTTGP40J89R6X4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
28495
x-amz-id-2
GEbCH0nK9+EUzVn85EUq2LrfbhyfajIPY+IL9PAEx4e8+dTo8jsLSYVHkR2OLC58FBXb70XECMQ=
x-served-by
cache-fra-eddf8230078-FRA
last-modified
Wed, 11 Oct 2023 22:06:04 GMT
server
AmazonS3
x-timer
S1697525696.635844,VS0,VE0
etag
"c80f34e072ebf2c87e6c337ede3500a5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
364984
iFrame.html
universal.iperceptions.com/ Frame E362
2 KB
1 KB
Document
General
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1f0884b12c7d540f6f995ffa6664d5449d075c1ab2a0bfc7ace1df69b2761d84

Request headers

Referer
https://retiree.alight.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age
289
cache-control
public,max-age=7200
content-encoding
gzip
content-md5
EWwLArd7NRLd/UFGafi8dA==
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 06:50:06 GMT
last-modified
Thu, 21 Sep 2023 17:40:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-cf-id
aGnTBKHR1wg3zzEagz1-pPD7FdjuJnQm0rjYc22uXtDTx-MZeXmOlQ==
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
68334aba-201e-0059-6978-feec4e000000
x-ms-version
2009-09-19
NRJS-2699f324357c4dcc42e
bam.nr-data.net/1/
40 B
408 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-2699f324357c4dcc42e?a=1350448951&v=1.244.0&to=YlYAMkcFXBEFURJcV1scIzVlS1EPF0YDWEhZUhYDRktTDQpXHlZQVF0FAxoUUwUBRgNYSFlSFgNGS1MODVUOQVBaXgcWVANXFgFfFllZQVZMB0YUSg%3D%3D&rst=989&ck=0&s=77a7e09f23005643&ref=https://retiree.alight.com/home.aspx&af=err,xhr,stn,ins,spa&qt=1&ap=94&be=895&fe=4253&dc=4161&perf=%7B%22timing%22:%7B%22of%22:1697525690457,%22n%22:0,%22f%22:679,%22dn%22:679,%22dne%22:679,%22c%22:679,%22s%22:679,%22ce%22:679,%22rq%22:680,%22rp%22:895,%22rpe%22:4007,%22di%22:4774,%22ds%22:4774,%22de%22:5056,%22dc%22:5138,%22l%22:5138,%22le%22:5148%7D,%22navigation%22:%7B%7D%7D&fp=4063&fcp=5062
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://retiree.alight.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230031-FRA
v1
geo.ipify.org/api/
393 B
608 B
XHR
General
Full URL
https://geo.ipify.org/api/v1?apiKey=at_OInLjNfYms9RYaogAZLRnAZf0d0fj
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-140-160-2.static.webnx.com
Software
nginx /
Resource Hash
be08d11ef50b2b6ab9e3924f1f2b85e971c831b0c8a138411c37f53d3b5ecf0d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 06:54:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
js
www.googletagmanager.com/gtag/
271 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLJ1NLJ4HL&l=dataLayer&cx=c
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d73a99607479c4fd167076ca8fd0778c4e9f3a9ce97aae575a5b484b056e9da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91912
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 06:54:55 GMT
chevron-down.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
559 B
1 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/chevron-down.svg
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a3c4ef7c595d366338a772ed5358f77a087e19bd45d21f98cc120e2c839d2fc
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Sat, 13 May 2023 12:12:31 GMT
etag
"15829319485d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4se
content-type
image/svg+xml
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
559
ArheCartViewModel
retiree.alight.com/API/SharedPopup/
2 KB
2 KB
XHR
General
Full URL
https://retiree.alight.com/API/SharedPopup/ArheCartViewModel
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f4e3686905e069628a53878c3f581a1f0a471d9747f32c491d47bc507e2ae26
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-9a82f3174c9b0f71----1697525695744
traceparent
00-97d9aebd70c63fcec1d5ed01aef9c400-9a82f3174c9b0f71-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6IjlhODJmMzE3NGM5YjBmNzEiLCJ0ciI6Ijk3ZDlhZWJkNzBjNjNmY2VjMWQ1ZWQwMWFlZjljNDAwIiwidGkiOjE2OTc1MjU2OTU3NDQsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest
__RequestVerificationToken
tlK0Yj5tiqBoGvhYChCREEgmg8RMqVjRYDslJPjwg1d0IwPT69ngbkRCthn6txHhZ6t9j/EGPV0e0utBZEh7Iw2yLIM1nMuiO3yJTEmJKRM=

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4sk
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
831
seal.min.js
seal.digicert.com/seals/cascade/
8 KB
8 KB
Script
General
Full URL
https://seal.digicert.com/seals/cascade/seal.min.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 06:54:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff, nosniff
last-modified
Mon, 16 Oct 2023 15:57:29 GMT
Server
nginx
etag
"1e3d-607d776936c40"
Content-Type
text/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7741
X-XSS-Protection
1; mode=block, 1; mode=block
ClearClientUserProfileData
retiree.alight.com/API/PageSetup/
2 B
862 B
XHR
General
Full URL
https://retiree.alight.com/API/PageSetup/ClearClientUserProfileData
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-07e9bdf78822f8e2----1697525695754
traceparent
00-9cb5d41942a1a9a0c7e9f0033ce40b00-07e9bdf78822f8e2-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6IjA3ZTliZGY3ODgyMmY4ZTIiLCJ0ciI6IjljYjVkNDE5NDJhMWE5YTBjN2U5ZjAwMzNjZTQwYjAwIiwidGkiOjE2OTc1MjU2OTU3NTQsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest
__RequestVerificationToken
tlK0Yj5tiqBoGvhYChCREEgmg8RMqVjRYDslJPjwg1d0IwPT69ngbkRCthn6txHhZ6t9j/EGPV0e0utBZEh7Iw2yLIM1nMuiO3yJTEmJKRM=

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4sq
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
22
xmark.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/
485 B
389 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/xmark.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3c71f46ae90baf14a8869188b0000e5ced04f057b45b8ae29e8b1b9c25327e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:14:30 GMT
server
cloudflare
age
6516715
etag
W/"64c95996-1e5"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
8176a20e9ed43661-FRA
chevron-left.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/
404 B
361 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/light/chevron-left.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a49a42d7a77e3956a96a058bb7a947e0efac1d3e9c48971c7b40ba9cc7a845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:10:40 GMT
server
cloudflare
age
6516348
etag
W/"64c958b0-194"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
8176a20e9ed83661-FRA
file-pdf.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/
946 B
601 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/regular/file-pdf.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831b15100a8732c94a22e6a72596ad31785d3d06a584679e86f9d9e2b587f39b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:12:45 GMT
server
cloudflare
age
1367133
etag
W/"64c9592d-3b2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8176a20e9ee23661-FRA
chevron-right.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/
405 B
336 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/light/chevron-right.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab7f78614e2934b98c4deb139c0d3b01163cc8b627e0698b5ffaeee4575ea2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:10:40 GMT
server
cloudflare
age
6516348
etag
W/"64c958b0-195"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
8176a20e9ee63661-FRA
cart-shopping.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/
767 B
556 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/light/cart-shopping.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5119bbc7fc1e593e4c275a67e2b57764fe25ede28b543976ba6109009cd39949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:10:39 GMT
server
cloudflare
age
6516714
etag
W/"64c958af-2ff"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
8176a20eaee83661-FRA
Alight_Logo.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
2 KB
3 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/Alight_Logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
041fb5632f5352d696490d2f07c3b2302007a254a1d583c4a587458cb2293fb4
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:55 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 20 Feb 2023 12:23:26 GMT
etag
"0f3a9212645d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4th
content-type
image/svg+xml
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
2123
cart-icon.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
2 KB
3 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/cart-icon.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d43ad62e16b8fa25405b751e8af3d9d60bd14180badc8a7615e7da005933cdb3
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Thu, 27 Apr 2023 14:31:39 GMT
etag
"802fe7fa1479d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4tk
content-type
image/svg+xml
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
1810
empty-cart-icon.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
2 KB
3 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/empty-cart-icon.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f918535e1b668e15e8204d386104130455167b66045311e4dfd272a38108b008
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Sat, 13 May 2023 12:12:33 GMT
etag
"9fb989329485d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065455Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4tm
content-type
image/svg+xml
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
2002
InviteTriggers
api.iperceptions.com/
241 B
305 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51e25f701e2cf2288ef9b9186f439db34640ddd8aee99381c142a5543908cf59

Request headers

Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
SecurityToken
ceeac950-5ba3-4899-848d-46c2da5ccbb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 06:54:55 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
241
expires
-1
InviteTriggers
api.iperceptions.com/ Frame
0
0
Preflight
General
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
securitytoken
Access-Control-Request-Method
GET
Origin
https://retiree.alight.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
securitytoken
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 17 Oct 2023 06:54:55 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
collect
region1.google-analytics.com/g/
0
246 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLJ1NLJ4HL&gtm=45je3ab0&_p=1797070330&cid=1012807058.1697525696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=00000000-0000-0000-0000-000000000000&sid=1697525696&sct=1&seg=0&dl=https%3A%2F%2Fretiree.alight.com%2Fhome.aspx&dt=AlightHome%20%7C%20Alight%20Retiree%20Health%20Solutions&en=page_view&_fv=1&_nsi=1&_ss=1&ep.agent_id=00000000-0000-0000-0000-000000000000&up.user_id_dimension=00000000-0000-0000-0000-000000000000
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLJ1NLJ4HL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 06:54:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retiree.alight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLJ1NLJ4HL&gtm=45je3ab0&_p=1797070330&cid=1012807058.1697525696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&uid=00000000-0000-0000-0000-000000000000&sid=1697525696&sct=1&seg=0&dl=https%3A%2F%2Fretiree.alight.com%2Fhome.aspx&dt=AlightHome%20%7C%20Alight%20Retiree%20Health%20Solutions&en=scroll&ep.agent_id=00000000-0000-0000-0000-000000000000&epn.percent_scrolled=90&_et=20
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLJ1NLJ4HL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 06:54:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retiree.alight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FSThriveElliot-BoldItalic.woff2
retiree.alight.com/CMSCSSStyleSheets/fonts/
27 KB
28 KB
Font
General
Full URL
https://retiree.alight.com/CMSCSSStyleSheets/fonts/FSThriveElliot-BoldItalic.woff2
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f190917e79defe4a8dda533876be56431194f945f39f11ae7ba449f37c871ebe
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Origin
https://retiree.alight.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Thu, 12 Oct 2023 22:36:40 GMT
etag
"04c42915cfdd91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4vg
content-type
application/x-font-woff
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
28148
truncated
/
686 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e33f1ce03c449c7acbc3100d99b8921118c217510d0232cf1979b0272535f07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
YGT_Bean_Glow.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
150 KB
151 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/YGT_Bean_Glow.png
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98b1f231195e1a6390091531f35528a61ba32f1932abe56dc0c5894f7c93388d
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 20 Feb 2023 12:23:26 GMT
etag
"0f3a9212645d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4vm
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
153942
PB_Squash_Glow.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
115 KB
116 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/PB_Squash_Glow.png
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47ed06660d112d0cde212f7fdd9da0f9047f278a884e02d8043ad96bb42bbe1b
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 20 Feb 2023 12:23:26 GMT
etag
"0f3a9212645d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4vn
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
117679
show-password-icon.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
1 KB
2 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/show-password-icon.svg
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5244a2154829d30320f472d5f6d84add16940743f5991abd0e3ddcfc5c615dc
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Tue, 28 Apr 2020 17:26:16 GMT
etag
"ec353b1f821dd61:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4vp
content-type
image/svg+xml
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
1468
purple-border.svg
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
113 B
997 B
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/purple-border.svg
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3c968fd7c01c1db0d1d7301a8a84603450fa76fee4d69795d15ca80eb5f776a
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 20 Feb 2023 12:23:26 GMT
etag
"0f3a9212645d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4vq
content-type
image/svg+xml
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
113
Slick.woff
retiree.alight.com/CMSCSSStyleSheets/fonts/
1 KB
2 KB
Font
General
Full URL
https://retiree.alight.com/CMSCSSStyleSheets/fonts/Slick.woff
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://retiree.alight.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_AlightHomePageCssCombined_ABFBBE62AE87913B96710A716FD0CB42.css
Origin
https://retiree.alight.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Thu, 12 Oct 2023 22:36:40 GMT
etag
"04c42915cfdd91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4vr
content-type
application/x-font-woff
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
1380
circle-exclamation.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/sharp-solid/
357 B
380 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/sharp-solid/circle-exclamation.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
563c0cd4c323ca083d1dd21178f3841f170c347689782c4ce08104f0a8ed0faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:18:55 GMT
server
cloudflare
age
106637
etag
W/"64c95a9f-165"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8176a211ba273661-FRA
chevron-left.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/
413 B
372 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/chevron-left.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d418a48de537f80439923d4b1b90e931fddb140867a297aa32fba9f6095d0f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:21:10 GMT
server
cloudflare
age
839455
etag
W/"64c95b26-19d"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8176a211ba2a3661-FRA
chevron-right.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/
416 B
346 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/chevron-right.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d722d9f8280c386806275b20291baeb3d29750bc364f3235bb74fc2c964c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:21:10 GMT
server
cloudflare
age
502300
etag
W/"64c95b26-1a0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8176a211ba2c3661-FRA
circle-xmark.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/
528 B
390 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/solid/circle-xmark.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6babdb1bd9bf92a9f0881ae0a7f6d9cc0141e311c1b581af41d5ca063ba2b6ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:21:12 GMT
server
cloudflare
age
111580
etag
W/"64c95b28-210"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8176a211ba2f3661-FRA
arrow-up-right-from-square.svg
ka-p.fontawesome.com/releases/v6.4.2/svgs/light/
646 B
478 B
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.4.2/svgs/light/arrow-up-right-from-square.svg?token=019f6c532e
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7500f98e43ef5aae1b36ef61f2fbd90b28d4b89c8af5e80540b638f09422446e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:10:33 GMT
server
cloudflare
age
839455
etag
W/"64c958a9-286"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8176a211ba313661-FRA
button-contract-arrow.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
2 KB
2 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/button-contract-arrow.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
250edeeb37479a462b0caa0da69d9f047d5df94ca8c807d66f8da56da9518863
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 20 Feb 2023 12:23:26 GMT
etag
"0f3a9212645d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4w7
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
1604
035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
retiree.alight.com/AonExchange/files/03/
Redirect Chain
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=035d9cbb-eda3-43bf-9591-70b6ce674406
  • https://retiree.alight.com/AonExchange/files/03/035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
67 KB
68 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/files/03/035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
Protocol
H2
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b1239bb1f3b34a013774f39ba4bf2a6e0ad7d4f976c60d145765cd9b2d58bc73
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 10 Jul 2023 21:03:30 GMT
etag
"1e4b16fb71b3d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4x6
content-type
image/jpeg
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
68742

Redirect headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4w8
content-type
text/html; charset=utf-8
location
/AonExchange/files/03/035d9cbb-eda3-43bf-9591-70b6ce674406.jpg
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
content-length
179
edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
retiree.alight.com/AonExchange/files/ed/
Redirect Chain
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=edc4293a-2cd0-4944-b24b-e1ba199be663
  • https://retiree.alight.com/AonExchange/files/ed/edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
69 KB
70 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/files/ed/edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
Protocol
H2
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6815ea9e03f042ede0745bfc8c010f437e460c9384de103facfa2275d8cc15c6
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 10 Jul 2023 21:03:31 GMT
etag
"f56ba3fb71b3d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4x7
content-type
image/jpeg
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
71121

Redirect headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4w9
content-type
text/html; charset=utf-8
location
/AonExchange/files/ed/edc4293a-2cd0-4944-b24b-e1ba199be663.jpg
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
content-length
179
a12560d9-900c-4175-992a-00c41597b733.jpg
retiree.alight.com/AonExchange/files/a1/
Redirect Chain
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=a12560d9-900c-4175-992a-00c41597b733
  • https://retiree.alight.com/AonExchange/files/a1/a12560d9-900c-4175-992a-00c41597b733.jpg
54 KB
55 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/files/a1/a12560d9-900c-4175-992a-00c41597b733.jpg
Protocol
H2
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ecdb55a158d5f0eb31e703d442076a1fafc59fa453511c0328c388c7ed10a004
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 10 Jul 2023 21:03:34 GMT
etag
"25371fd71b3d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4yd
content-type
image/jpeg
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
55047

Redirect headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4wa
content-type
text/html; charset=utf-8
location
/AonExchange/files/a1/a12560d9-900c-4175-992a-00c41597b733.jpg
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
content-length
179
d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
retiree.alight.com/AonExchange/files/d1/
Redirect Chain
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=d13015a8-411a-4b85-b0cc-00a19eba6543
  • https://retiree.alight.com/AonExchange/files/d1/d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
50 KB
51 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/files/d1/d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
Protocol
H2
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad0c2306b6eeb53ecb20e842025b448ea6ec856b21a02726977c068b8bdfae6f
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 10 Jul 2023 21:03:31 GMT
etag
"eb79adfb71b3d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4ye
content-type
image/jpeg
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
51486

Redirect headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4wb
content-type
text/html; charset=utf-8
location
/AonExchange/files/d1/d13015a8-411a-4b85-b0cc-00a19eba6543.jpg
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
content-length
179
38156f88-647b-489f-a07f-e1b781d091c4.jpg
retiree.alight.com/AonExchange/files/38/
Redirect Chain
  • https://retiree.alight.com/CMSPages/GetFile.aspx?guid=38156f88-647b-489f-a07f-e1b781d091c4
  • https://retiree.alight.com/AonExchange/files/38/38156f88-647b-489f-a07f-e1b781d091c4.jpg
41 KB
42 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/files/38/38156f88-647b-489f-a07f-e1b781d091c4.jpg
Protocol
H2
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a12fcd86417c4717f60c258ff1a658c61211e4cb274921f5b111aa461bfe83e3
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 10 Jul 2023 21:03:30 GMT
etag
"69f5aefa71b3d91:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4ym
content-type
image/jpeg
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
42447

Redirect headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4wc
content-type
text/html; charset=utf-8
location
/AonExchange/files/38/38156f88-647b-489f-a07f-e1b781d091c4.jpg
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
content-length
179
closebirdie.png
retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/
324 B
1 KB
Image
General
Full URL
https://retiree.alight.com/AonExchange/media/Image-Gallery/SiteImages/closebirdie.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9541f9adb61db432f7a65a5a38b40c2f4a5dcd231f9e6cd1b415c4220bcdcd4
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/home.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
last-modified
Mon, 26 Aug 2019 12:59:19 GMT
etag
"479aeb12e5cd51:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4wd
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=2592000
includesubdomains
preload
accept-ranges
bytes
content-length
324
IpEngine_v79.0.js
universal.iperceptions.com/core/
12 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/core/IpEngine_v79.0.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fe63153f01ff7db0a6dc83b4f7acc5ed06410021f2d302063e263727e88d3ff8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:53:36 GMT
content-encoding
gzip
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
content-md5
37qd3bJleyYQUEDZodk3CA==
age
80
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
last-modified
Tue, 14 Feb 2023 19:22:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
f1ddfc5a-401e-0024-2ac6-007086000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
cLU37RU7L5hIJ5K9I8YhjnYXLGfJHV4fHHyjWiUv4AhhaMfWaZeBbg==
SetMachineInfo
retiree.alight.com/API/PageSetup/
4 B
864 B
XHR
General
Full URL
https://retiree.alight.com/API/PageSetup/SetMachineInfo
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-NewRelic-ID
VwIAVFVRDxABV1RSAwUPX1EA
tracestate
1757232@nr=0-1-3475327-1385963063-7d6aa1b20fabeb99----1697525696451
traceparent
00-d44bf2e47fe2235a12e833f24c43a800-7d6aa1b20fabeb99-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NzUzMjciLCJhcCI6IjEzODU5NjMwNjMiLCJpZCI6IjdkNmFhMWIyMGZhYmViOTkiLCJ0ciI6ImQ0NGJmMmU0N2ZlMjIzNWExMmU4MzNmMjRjNDNhODAwIiwidGkiOjE2OTc1MjU2OTY0NTEsInRrIjoiMTc1NzIzMiJ9fQ==
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://retiree.alight.com/home.aspx
X-Requested-With
XMLHttpRequest
__RequestVerificationToken
tlK0Yj5tiqBoGvhYChCREEgmg8RMqVjRYDslJPjwg1d0IwPT69ngbkRCthn6txHhZ6t9j/EGPV0e0utBZEh7Iw2yLIM1nMuiO3yJTEmJKRM=

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-security-policy
default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
x-frame-options
SAMEORIGIN
x-azure-ref
20231017T065456Z-bx0p7c87yh78raeupm4hrfr8fs0000000db000000001e4x8
content-type
application/json
x-cache
CONFIG_NOCACHE
cache-control
private
includesubdomains
preload
accept-ranges
bytes
content-length
24
35298_638283191199328257
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/
9 KB
2 KB
Script
General
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/35298_638283191199328257
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7e00:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c26eddb2bc99914580ffcd6f4cfc58837123acbfee52b65691d7eb15032710ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:42:36 GMT
content-encoding
gzip
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
content-md5
IFBc4cXepI0M96woXC+tXQ==
age
740
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1223
x-ms-lease-status
unlocked
last-modified
Tue, 22 Aug 2023 16:38:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBA32E3DB1E192
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
333b587f-f01e-0088-79c5-007d56000000
cache-control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
x-amz-cf-id
_xeriojCs0GYXu672y6jqBEhGxhIw_wDfuHd7V2h3sLm6Z56bsgBfg==
/
seal.digicert.com/seals/cascade/
3 KB
4 KB
Image
General
Full URL
https://seal.digicert.com/seals/cascade/?tag=6Defojov&referer=retiree.alight.com&format=png&lang=en&an=min
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
202d124cfbdf21fb5f5d09094c9b9ab6523960595e009145765e24bc4050971c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 06:54:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff, nosniff
last-modified
Tue, 17 Oct 2023 00:00:00 +0000
Server
nginx
Content-Type
image/png
cache-control
max-age=86400
x-envoy-upstream-service-time
27
Connection
keep-alive
Content-Length
3419
X-XSS-Protection
1; mode=block, 1; mode=block
expires
Wed, 18 Oct 2023 06:54:56 +0000
NRJS-2699f324357c4dcc42e
bam.nr-data.net/events/1/
24 B
347 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-2699f324357c4dcc42e?a=1350448951&v=1.244.0&to=YlYAMkcFXBEFURJcV1scIzVlS1EPF0YDWEhZUhYDRktTDQpXHlZQVF0FAxoUUwUBRgNYSFlSFgNGS1MODVUOQVBaXgcWVANXFgFfFllZQVZMB0YUSg%3D%3D&rst=1897&ck=0&s=77a7e09f23005643&ref=https://retiree.alight.com/home.aspx
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://retiree.alight.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230031-FRA
v2
rs.fullstory.com/rec/bundle/
29 B
91 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=P9391&UserId=6dc3403a-6a63-4d84-a518-fc7b7ecd720e&SessionId=83a77d20-e906-46f7-b29c-7740f257ffa2&PageId=a77bf10c-41bc-4ee2-8a7c-bdda54719347&Seq=1&PageStart=1697525695525&PrevBundleTime=0&LastActivity=681&IsNewSession=true
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
af5d90056d84d4cd132fb6d0f9bf631649377cb6da2b2f6969f94883be67b96f

Request headers

Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://retiree.alight.com
date
Tue, 17 Oct 2023 06:54:56 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
harvest_35298.js
art.azureedge.net/harvest/
9 KB
2 KB
Script
General
Full URL
https://art.azureedge.net/harvest/harvest_35298.js
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE0) /
Resource Hash
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 17 Oct 2023 06:54:56 GMT
content-encoding
gzip
content-md5
H60ZpvNB4GMbbO835WkX9g==
age
1208958
x-cache
HIT
content-length
2022
x-ms-lease-status
unlocked
last-modified
Mon, 25 Feb 2019 15:58:44 GMT
server
ECAcc (frc/4CE0)
etag
0x8D69B3A1EEC5895
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
1e74651c-e01e-00c8-48c8-f5f7cb000000
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
ip.gif
post.iperceptions.com/
32 B
571 B
XHR
General
Full URL
https://post.iperceptions.com/ip.gif?sid=d2d4af09-5470-aaae-26be-d0588071eef3&vid=257fb207-1a60-171c-d660-9f8f5e64413d&tkid=ceeac950-5ba3-4899-848d-46c2da5ccbb6&url=https%3A%2F%2Fretiree.alight.com%2Fhome.aspx&title=AlightHome%20%7C%20Alight%20Retiree%20Health%20Solutions
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:15:bf9a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:54:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy
cross-origin
content-length
32
last-modified
Mon, 06 Nov 2017 18:05:13 GMT
server
Apache
etag
"576fcca2957d31:0"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
gzaGc4Nar0CwG2DpvEJDurc1Ys9S58NxXxULEGw1nQhmhiFptjaOSg==
v2
rs.fullstory.com/rec/bundle/
29 B
43 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=P9391&UserId=6dc3403a-6a63-4d84-a518-fc7b7ecd720e&SessionId=83a77d20-e906-46f7-b29c-7740f257ffa2&PageId=a77bf10c-41bc-4ee2-8a7c-bdda54719347&Seq=2&PageStart=1697525695525&PrevBundleTime=1697525696678&LastActivity=4703&IsNewSession=true
Requested by
Host: retiree.alight.com
URL: https://retiree.alight.com/home.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2ae49dfc718e3ce55345f5443ffc9ce3c02945ccbd01ac8feb5370ec50b59b40

Request headers

Referer
https://retiree.alight.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://retiree.alight.com
date
Tue, 17 Oct 2023 06:55:00 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLJ1NLJ4HL&gtm=45je3ab0&_p=1797070330&cid=1012807058.1697525696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&uid=00000000-0000-0000-0000-000000000000&sid=1697525696&sct=1&seg=0&dl=https%3A%2F%2Fretiree.alight.com%2Fhome.aspx&dt=AlightHome%20%7C%20Alight%20Retiree%20Health%20Solutions&en=fetch_user_data&ep.agent_id=00000000-0000-0000-0000-000000000000&_et=19&up.custom_client_id=1012807058.1697525696.
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLJ1NLJ4HL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retiree.alight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 06:55:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retiree.alight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| NREUM object| webpackChunk:NRBA-1.244.0.PROD object| newrelic string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| FontAwesomeKitConfig boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| otStubData object| a function| e object| ___FONT_AWESOME___ object| fontawesome-pro-shims object| FontAwesomeConfig object| FontAwesome object| theForm function| __doPostBack object| OneTrustStub function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY number| remindTimer number| redirectTimer number| sessionTimeReminder number| sessionTimeout function| doReminder function| doRedirect function| PM_Postback function| PM_Callback function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| CMS string| gTagAccount string| _fs_loaded function| _fs_shutdown object| EXCHANGE function| $ function| jQuery function| Tether object| jQuery111106849737154234112 object| picturefillCFG function| picturefill object| Prism object| Modernizr object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data object| icPatronChat function| debounce function| UAParser object| ko function| moment object| mutate_event_stack object| mutate function| Inputmask function| extendDefaults function| extendDefinitions function| extendAliases function| format function| unmask function| isValid function| remove function| setValue function| dependencyLib function| callBaseMethod function| getBaseMethod function| getBaseType function| getInterfaces function| getName function| implementsInterface function| inheritsFrom function| initializeBase function| isImplementedBy function| isInstanceOfType function| registerClass function| registerInterface function| resolveInheritance function| registerEnum string| callBackFrameUrl string| iperceptionskey boolean| trustedSealEnabled object| __dcid function| loadTrustedSeal object| iPerceptions function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| __Cascade string| prop object| ipDef function| initharvest number| j object| trigger number| rate boolean| result object| condition object| SEAC

15 Cookies

Domain/Path Name / Value
retiree.alight.com/ Name: CMSPreferredCulture
Value: en-US
retiree.alight.com/ Name: CMSCsrfCookie
Value: Wtv85jxMAp/ZefCH9ITLCpr+CBLiJ7lDCuYSvCcb
retiree.alight.com/ Name: ASP.NET_SessionId
Value: jqde30oz2q1idaidgfjegkln
retiree.alight.com/ Name: __RequestVerificationToken_Lw__
Value: 6ixxjWimC4R85T4N99CYmCt56WpH0JCYHiEO8mtcxU4ZQoQi4f+HzRiZ6jQim25Vwiv+Uxs88I4ZplgpnLNxrFMYGSTdXrK8VUSYmigNKPU=
.retiree.alight.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Oct+17+2023+08%3A54%3A55+GMT%2B0200+(Central+European+Summer+Time)&version=6.31.0&hosts=&consentId=a5f61ad9-e007-46f4-a829-bccc86910a47&interactionCount=0&landingPath=https%3A%2F%2Fretiree.alight.com%2Fhome.aspx&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CBG9%3A0%2CC0004%3A0
.alight.com/ Name: fs_lua
Value: 1.1697525695522
.alight.com/ Name: fs_uid
Value: #P9391#6dc3403a-6a63-4d84-a518-fc7b7ecd720e:83a77d20-e906-46f7-b29c-7740f257ffa2:1697525695522::1#/1729061694
retiree.alight.com/ Name: ipe_s
Value: d2d4af09-5470-aaae-26be-d0588071eef3
.alight.com/ Name: _ga
Value: GA1.1.1012807058.1697525696
.alight.com/ Name: _ga_JLJ1NLJ4HL
Value: GS1.1.1697525696.1.0.1697525696.0.0.0
retiree.alight.com/ Name: ipe.35298.pageViewedCount
Value: 1
retiree.alight.com/ Name: ipe.35298.pageViewedDay
Value: 290
retiree.alight.com/ Name: ipe_35298_fov
Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%22d2d4af09-5470-aaae-26be-d0588071eef3%22%2C%22expiry%22%3A%222023-11-16T07%3A54%3A56.639Z%22%2C%22lastVisit%22%3A%222023-10-17T06%3A54%3A56.639Z%22%7D
.universal.iperceptions.com/ Name: iperceptions.com
Value: [{"id":"ceeac950-5ba3-4899-848d-46c2da5ccbb6","history":[],"visitors":[{"id":"6130223866","time":"2023-10-17T06:54:56.332Z","host":"retiree.alight.com"}]}]
retiree.alight.com/ Name: ipe_v
Value: 257fb207-1a60-171c-d660-9f8f5e64413d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline' *.bing.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.ipify.org *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com cdn.cookielaw.org geolocation.onetrust.com https://edge.fullstory.com https://www.fullstory.com https://fullstory.com https://js-agent.newrelic.com https://bam.nr-data.net https://bam-cell.nr-data.net *.bing.com *.virtualearth.net https://kit.fontawesome.com;
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.iperceptions.com
art.azureedge.net
bam.nr-data.net
cdn.cookielaw.org
edge.fullstory.com
geo.ipify.org
geolocation.onetrust.com
js-agent.newrelic.com
ka-p.fontawesome.com
kit.fontawesome.com
post.iperceptions.com
region1.google-analytics.com
retiree.alight.com
retiree.aon.com
rs.fullstory.com
sd.iperceptions.com
seal.digicert.com
universal.iperceptions.com
www.googletagmanager.com
151.101.66.137
162.247.243.29
2001:4860:4802:34::36
2600:9000:2156:7e00:18:ee0c:6e00:93a1
2600:9000:223c:ce00:15:bf9a:3f00:93a1
2600:9000:2250:7600:8:e7ba:7440:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:4400::6812:2089
2606:4700::6812:1734
2606:4700::6812:82ec
2620:1ec:46::44
2620:1ec:bdf::44
2a00:1450:4001:812::2008
35.186.194.58
35.201.112.186
52.138.200.61
63.33.186.64
64.140.160.2
00d444ebc9bcba7a2f549b85fcb4c8d6c05de356509edfcf03dec7e890699e0e
041fb5632f5352d696490d2f07c3b2302007a254a1d583c4a587458cb2293fb4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0da9bffd1f41361d4480bcf7d1a9a37d43c43fcf9f0b32dc0c025b2a38cff56f
0ed5d1be2f0bcf06c6dcccff96c456cf00dd465db4b2076be666e0ad1fa475e9
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
1f0884b12c7d540f6f995ffa6664d5449d075c1ab2a0bfc7ace1df69b2761d84
202d124cfbdf21fb5f5d09094c9b9ab6523960595e009145765e24bc4050971c
20927abb857974ff5bc2085d999feff2123fc7de639837c6aea90391a8216254
20b9b49225657fe3e2b81073c4e54ab2121adcaff02919a4b4e8ec67cd887f80
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
250edeeb37479a462b0caa0da69d9f047d5df94ca8c807d66f8da56da9518863
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2754224dc73acdb57aea115599ad71096451a80d5014361febdcf0304b6abb23
2ae49dfc718e3ce55345f5443ffc9ce3c02945ccbd01ac8feb5370ec50b59b40
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
39f239d7bd22ef9f58fcc15df57cb5f772528aac79fec14bdeac706da30a91c0
3c15b10745e344f1795ad4810c96f0fd1dec492f524f005e5773ed166f81bcfb
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
43f204a356ed90654339ca85bc6182287434df45360c816a290411fbe758f44b
47ed06660d112d0cde212f7fdd9da0f9047f278a884e02d8043ad96bb42bbe1b
4b29e20cd4cd9e8eca61474fa2ab8692e101dc176ce534f5f28c11a9dc5af730
5119bbc7fc1e593e4c275a67e2b57764fe25ede28b543976ba6109009cd39949
51e25f701e2cf2288ef9b9186f439db34640ddd8aee99381c142a5543908cf59
5253147a7ace1fd1bdeb28fecdf09a2dcf477b494cc55c542f59265369379c87
563c0cd4c323ca083d1dd21178f3841f170c347689782c4ce08104f0a8ed0faf
5a3c4ef7c595d366338a772ed5358f77a087e19bd45d21f98cc120e2c839d2fc
61b94b0781300ca6ab5a5c68eeb12da052460a3f91e821c5c0788be155bc7fde
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6815ea9e03f042ede0745bfc8c010f437e460c9384de103facfa2275d8cc15c6
6babdb1bd9bf92a9f0881ae0a7f6d9cc0141e311c1b581af41d5ca063ba2b6ac
6d418a48de537f80439923d4b1b90e931fddb140867a297aa32fba9f6095d0f9
6e33f1ce03c449c7acbc3100d99b8921118c217510d0232cf1979b0272535f07
7500f98e43ef5aae1b36ef61f2fbd90b28d4b89c8af5e80540b638f09422446e
7f4e3686905e069628a53878c3f581a1f0a471d9747f32c491d47bc507e2ae26
80d722d9f8280c386806275b20291baeb3d29750bc364f3235bb74fc2c964c27
81015bbab8119a851f5ebfc89748edabcec41a4608697326ce5ac53a1938f703
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
831b15100a8732c94a22e6a72596ad31785d3d06a584679e86f9d9e2b587f39b
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8687627cf52049bac6e3a169a0b2ce17c9c73307b10e5ab590d035820137501d
8b3d5769702d50d3aef0dc8b94ee66a9d6c7c52e69c4323fb50608f081c0b30c
9007992661f3ce823fb34f953e284ae9583c7bff59d333dc4b1b5459f32766c2
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
978216366bd92e15bc9af69032ed2a659bf2e481f8b63a1f88d860e73b084b3a
98b1f231195e1a6390091531f35528a61ba32f1932abe56dc0c5894f7c93388d
9b3c71f46ae90baf14a8869188b0000e5ced04f057b45b8ae29e8b1b9c25327e
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd
a12fcd86417c4717f60c258ff1a658c61211e4cb274921f5b111aa461bfe83e3
a22e20cc90f4444f8fc18b319e519be54f418a74bf6e9c8104e809a7c7860660
a381713d2790db7387e7724f8d84223dc4b71b62c446a7602e8b0e25f775aa64
a595e263cad7e70e8703a6f6070a59134a83b1da3124543d0079b36cbdbf7af5
a5e04224cfa1ad8a902257c361cf7e71e38e412026208343eec5ced3cfed71bb
a7acd8e348e369e1829d3d5766b4bb1857d9b0b2c54e608679c1fd86d228e90f
a9541f9adb61db432f7a65a5a38b40c2f4a5dcd231f9e6cd1b415c4220bcdcd4
ad0c2306b6eeb53ecb20e842025b448ea6ec856b21a02726977c068b8bdfae6f
af5d90056d84d4cd132fb6d0f9bf631649377cb6da2b2f6969f94883be67b96f
b1239bb1f3b34a013774f39ba4bf2a6e0ad7d4f976c60d145765cd9b2d58bc73
b2858cde7cd39d71202da58facba7eb7ae173c76bd29e9d3adffef7bcc8082dc
b594de64cb38e1dead7fbde0ecaec3cc5e86fcffe980a31a277a2882fd244d96
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
be08d11ef50b2b6ab9e3924f1f2b85e971c831b0c8a138411c37f53d3b5ecf0d
c26eddb2bc99914580ffcd6f4cfc58837123acbfee52b65691d7eb15032710ac
c364f26f9e540927b6a31835b0110152964dad05fc50ddf50b5c299281ae6df4
c3c968fd7c01c1db0d1d7301a8a84603450fa76fee4d69795d15ca80eb5f776a
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
d3bd7ac08708e9f9fd647c7e7d72cd7e4c1299434c4bdc8f28b296e72cf21d8f
d43ad62e16b8fa25405b751e8af3d9d60bd14180badc8a7615e7da005933cdb3
d6a94b6580523e611e6e1d26d0f2dba2eb74c3118e95e771ad28024c333d030f
d73a99607479c4fd167076ca8fd0778c4e9f3a9ce97aae575a5b484b056e9da7
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcaf41e4ab2cfa799c2386b54751c2bd361c6d1f7ed29b9151e9dd2d33b0c081
de2b416557703147016c099ab67953074024836f698996fa57b651b06befacaf
e1a49a42d7a77e3956a96a058bb7a947e0efac1d3e9c48971c7b40ba9cc7a845
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5244a2154829d30320f472d5f6d84add16940743f5991abd0e3ddcfc5c615dc
e5a90a9aa891f4e3b717cb8e14b564f6d0c51a4db04ca62c52ddc817cc132268
eab7f78614e2934b98c4deb139c0d3b01163cc8b627e0698b5ffaeee4575ea2b
ecdb55a158d5f0eb31e703d442076a1fafc59fa453511c0328c388c7ed10a004
f190917e79defe4a8dda533876be56431194f945f39f11ae7ba449f37c871ebe
f783b90e4dd36f8b17e4b89ae196db18ab98f40a7af29192094d0332f8795cfc
f918535e1b668e15e8204d386104130455167b66045311e4dfd272a38108b008
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
fe63153f01ff7db0a6dc83b4f7acc5ed06410021f2d302063e263727e88d3ff8