www.claremontgi.com Open in urlscan Pro
77.72.2.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.claremontgi.com/balanced-workplaces/
Submission: On November 03 via api (November 3rd 2022, 7:30:26 pm UTC) from US — Scanned from GB

Summary HTTP 60 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 60 HTTP transactions. The main IP is 77.72.2.36, located in United Kingdom and belongs to KRYSTAL, GB. The main domain is www.claremontgi.com.
TLS certificate: Issued by R3 on October 18th 2022. Valid for: 3 months.

This is the only time www.claremontgi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	77.72.2.36 77.72.2.36	12488 (KRYSTAL) (KRYSTAL)
2	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.139.103 52.222.139.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
22	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	84.18.197.167 84.18.197.167	29636 (CATALYST2-AS) (CATALYST2-AS)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	174.129.125.147 174.129.125.147	14618 (AMAZON-AES) (AMAZON-AES)
1	23.21.150.130 23.21.150.130	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	16

22 77.72.2.36 (United Kingdom)

ASN12488 (KRYSTAL, GB)
PTR: azreal-lon1.krystal.uk

www.claremontgi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.aiea6gaza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-103.ams50.r.cloudfront.net

www.sc.pages02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.18.197.167 (United Kingdom)

ASN29636 (CATALYST2-AS, GB)
PTR: 84-18-197-167.vps.catalyst2.com

tracking1.force24.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.125.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-125-147.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.150.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-150-130.compute-1.amazonaws.com

www.pages02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9185 va.tawk.to — Cisco Umbrella Rank: 8989	199 KB
22	claremontgi.com www.claremontgi.com	2 MB
2	gstatic.com fonts.gstatic.com	55 KB
2	pages02.net www.sc.pages02.net — Cisco Umbrella Rank: 51920 www.pages02.net — Cisco Umbrella Rank: 53858	6 KB
2	aiea6gaza.com secure.aiea6gaza.com	24 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	39 KB
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 3302	198 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2368	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	28 KB
1	force24.co.uk tracking1.force24.co.uk — Cisco Umbrella Rank: 176146	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	65 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
60	14

	Domain	Requested by
22	www.claremontgi.com	www.claremontgi.com
18	embed.tawk.to	www.claremontgi.com embed.tawk.to
5	va.tawk.to	embed.tawk.to
2	fonts.gstatic.com	fonts.googleapis.com
2	secure.aiea6gaza.com	www.claremontgi.com secure.aiea6gaza.com
1	cdn.jsdelivr.net	embed.tawk.to
1	www.pages02.net
1	idx.liadm.com	secure.aiea6gaza.com
1	www.google.co.uk	www.claremontgi.com
1	www.google.com	www.claremontgi.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdnjs.cloudflare.com	tracking1.force24.co.uk
1	tracking1.force24.co.uk	www.claremontgi.com
1	www.googletagmanager.com	www.claremontgi.com
1	www.sc.pages02.net	www.claremontgi.com
1	fonts.googleapis.com	www.claremontgi.com
60	16

This site contains links to these domains. Also see Links.

Domain
us06web.zoom.us
www.instagram.com
twitter.com
uk.linkedin.com
www.pinterest.com

Subject Issuer	Validity	Valid
claremontgi.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-13` - `2023-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.silverpop.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
tracking1.force24.co.uk R3	`2022-10-31` - `2023-01-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.claremontgi.com/balanced-workplaces/
Frame ID: A06CEA7415423C2EA751F800CDB5A577
Requests: 56 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/635a92a45e8/css/message-preview.css
Frame ID: 1C4AFEDD1329924D6F9C3F32B64B7A7C
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/635a92a45e8/css/min-widget.css
Frame ID: 2F1D62915704091AF829F4C6DD080E92
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/635a92a45e8/css/max-widget.css
Frame ID: 4EDBEBE1D937AA28EABA051E24B3DA1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Balanced Workplaces | Claremonticon-consultancyicon-designicon-furnitureicon-technologySub MenuSub Menulogo-iglogo-twitterlogo-linkedinlogo-pinterest

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

16
IPs

3
Countries

2660 kB
Transfer

4102 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://us06web.zoom.us/webinar/register/8216648010145/WN_P6RDq_uQQUepL2N1qiPvPA
Title: Register Here

Search URL Search Domain Scan URL

URL: https://www.instagram.com/claremontgroup/

Search URL Search Domain Scan URL

URL: https://twitter.com/claremontgroup

Search URL Search Domain Scan URL

URL: https://uk.linkedin.com/company/claremont-group-interiors

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/claremontgroup

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.claremontgi.com/balanced-workplaces/ 138 KB
16 KB 373ms
59ms Document
text/html 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 86b7c90fb991e4ed5f9429be971857209ad8e965c6373203e49c14874992d5f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-length: 16273
content-type: text/html
date: Thu, 03 Nov 2022 19:30:17 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Thu, 03 Nov 2022 16:50:16 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 8bsn1.css
www.claremontgi.com/wp-content/cache/wpfc-minified/8u5f801s/ 87 KB
11 KB 30ms
29ms Stylesheet
text/css 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/cache/wpfc-minified/8u5f801s/8bsn1.css
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 595c8179e94fddabd1598615229afa5ef273638874474dace749f2a9971074b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 12:33:51 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 10914
expires: max-age=A10368000, public

GET
H2 200 8bsn1.css
www.claremontgi.com/wp-content/cache/wpfc-minified/l9ubnt10/ 82 KB
14 KB 31ms
30ms Stylesheet
text/css 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/cache/wpfc-minified/l9ubnt10/8bsn1.css
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 3160c36a21b43567d4e2c6eb3e5ee9210b1462d3a4a82a98f63b2a5fc4267cd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 12:33:51 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 14743
expires: max-age=A10368000, public

GET
H2 200 8bsn1.js Show response
www.claremontgi.com/wp-content/cache/wpfc-minified/8tnr6jfg/ 21 KB
8 KB 60ms
59ms Script
application/javascript 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/cache/wpfc-minified/8tnr6jfg/8bsn1.js
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 23a835419541cfc9afdd2e4f9bf0bb72e7c209729d86a89400d89f3082b8598f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 12:33:51 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 8078
expires: max-age=A10368000, public

GET
H/1.1 200
OK 166562.js Show response
secure.aiea6gaza.com/js/ 24 KB
24 KB 243ms
40ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiea6gaza.com/js/166562.js
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: dcd4b39b26655161eeba4c8863e9546d89093834d7652de1bd6742f2358076c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 03 Nov 2022 19:30:19 GMT
Server: Kestrel
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Connection: keep-alive
Content-Length: 24512
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 8bsn1.css
www.claremontgi.com/wp-content/cache/wpfc-minified/qx3o1dm8/ 53 KB
9 KB 60ms
59ms Stylesheet
text/css 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/cache/wpfc-minified/qx3o1dm8/8bsn1.css
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: fc6fb7a96bf11d012d5293e93f739f2de1145642be3aa782a324b9eb42437263

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 12:33:51 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 9624
expires: max-age=A10368000, public

GET
H2 200 slick.woff
www.claremontgi.com/wp-content/themes/claremont-2022/slick/fonts/ 1 KB
1 KB 29ms
28ms Font
font/woff 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/slick/fonts/slick.woff
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://www.claremontgi.com/balanced-workplaces/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
last-modified: Mon, 22 Aug 2022 08:58:24 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1380
expires: max-age=A10368000, public

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;600;700;900&display=swap

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d71fdf8a6b10d532969edb5325f9de5049e5ffd3dd4c355cb59232fcd7274a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 19:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:30:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 19:30:19 GMT

GET
H2 200 8bsn1.js Show response
www.claremontgi.com/wp-content/cache/wpfc-minified/sgp81os/ 113 KB
40 KB 55ms
55ms Script
application/javascript 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/cache/wpfc-minified/sgp81os/8bsn1.js
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: cd0ae6920ab207a20eed2805f76afdf0e097b927dd1bd949b6ea9bc583afb3fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 12:33:51 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 40598
expires: max-age=A10368000, public

GET
H2 200 iMAWebCookie.js Show response
www.sc.pages02.net/lp/static/js/ 14 KB
5 KB 432ms
285ms Script
application/javascript 52.222.139.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sc.pages02.net/lp/static/js/iMAWebCookie.js?654b5a7b-14f69211a24-3f3d5eceea4051b7c82d96ba93c1b04e&h=www.pages02.net

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-103.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:19 GMT
content-encoding: gzip
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
strict-transport-security: max-age=16070400; includeSubDomains; preload
last-modified: Wed, 02 Nov 2022 02:54:37 GMT
server: Apache
x-amz-cf-pop: AMS50-C1
etag: "3772-5ec73f61262d2-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5138
x-amz-cf-id: UCCnPTSuyuPZE4CIo9Dj6Jz2vK8zaQf4oYfCRtc722xr9vK6gTBArw==

GET
H3 200 logo-claremont-gold-white.svg
www.claremontgi.com/wp-content/themes/claremont-2022/assets/svg/global/ 8 KB
3 KB 30ms
30ms Image
image/svg+xml 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/assets/svg/global/logo-claremont-gold-white.svg
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 91ba2e353367a2511b2db01d558e01a732b25b4bfdc3b9a614df9bdadb05a6d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Mon, 22 Aug 2022 08:58:36 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 2615
expires: max-age=A10368000, public

GET
H3 200 logo-claremont-gold-black.svg
www.claremontgi.com/wp-content/themes/claremont-2022/assets/svg/global/ 9 KB
3 KB 31ms
30ms Image
image/svg+xml 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/assets/svg/global/logo-claremont-gold-black.svg
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 3aab6b0bf070e6dd4c7dd3dc422505e92d2db9cdbc6ef6079147f3b6dfa67e8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Mon, 22 Aug 2022 08:58:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 2652
expires: max-age=A10368000, public

GET
H3 200 team-border-top.svg
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 590 B
370 B 36ms
34ms Image
image/svg+xml 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/team-border-top.svg
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 65fe3c1ab11bfbdcc3703b7f21597b5b0b4f684bc8ffd9b96524c2e8f35d5af1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 15:41:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 325
expires: max-age=A10368000, public

GET
H3 200 index.js Show response
www.claremontgi.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 30ms
30ms Script
application/javascript 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 14:04:45 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2817
expires: max-age=A10368000, public

GET
H3 200 index.js Show response
www.claremontgi.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 31ms
30ms Script
application/javascript 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 14:04:45 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 3706
expires: max-age=A10368000, public

GET
H3 200 smush-lazy-load.min.js Show response
www.claremontgi.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 30ms
29ms Script
application/javascript 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claremontgi.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.3
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 14:04:53 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 3544
expires: max-age=A10368000, public

GET
H3 200 claremont-logo-white.svg
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 6 KB
3 KB 35ms
33ms Image
image/svg+xml 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/claremont-logo-white.svg
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 89500169e17a4e1824d08100da8ca3f60958832eeb2073370faf00f169425612

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 15:27:14 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 2547
expires: max-age=A10368000, public

GET
H/1.1 200
OK Capture.aspx Show response
secure.aiea6gaza.com/Track/ 0
184 B 73ms
71ms Script
text/plain 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiea6gaza.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=166562&trk_sw=1600&trk_sh=1200&trk_ref=&trk_tit=Balanced%20Workplaces%20%7C%20Claremont&trk_loc=https%3A%2F%2Fwww.claremontgi.com%2Fbalanced-workplaces%2F&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36.lfcd24.lflngen-US&trk_dom=www.claremontgi.com&trk_cookie=NA&trk_culid=01GGZFJ2G5Y4QAA13RTGFB59KQ
Requested by: Host: secure.aiea6gaza.com
URL: https://secure.aiea6gaza.com/js/166562.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 19:30:19 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
65 KB 158ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VV36LX

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1031f2b5f400710b36a820816d712114b6c829810609e9f03040fef134282ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65551
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 18:03:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Nov 2022 19:30:19 GMT

GET
H2 200 default Show response
embed.tawk.to/5f20009c5e51983a11f5ee3e/ 2 KB
944 B 517ms
441ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9f8cdfd40abe40f9d4842ee8a40b3596220f612b916971ec2aa690a6e86651

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
server: cloudflare
etag: W/"stable-v4-635a92a45e8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 764786171e0976e7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 main.min.js Show response
tracking1.force24.co.uk/tracking/V2/ 17 KB
6 KB 159ms
45ms Script
application/javascript 84.18.197.167
CATALYST2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.force24.co.uk/tracking/V2/main.min.js
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.18.197.167 , United Kingdom, ASN29636 (CATALYST2-AS, GB),
Reverse DNS: 84-18-197-167.vps.catalyst2.com
Software: /
Resource Hash: ae1c94962326c452bcd985ccd9532e8f59c326ec359cb40b6b93b089431be3a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:18 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 07:38:30 GMT
etag: "0dff28b8b96d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6337

GET
H3 200 box-link.png
www.claremontgi.com/wp-content/themes/claremont-2022/assets/ 932 B
986 B 31ms
30ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/assets/box-link.png
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/wp-content/cache/wpfc-minified/qx3o1dm8/8bsn1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 1ada7254d56b874ce6b5160f7d4790dac2482844e440ae87c4f1f9223870befa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/wp-content/cache/wpfc-minified/qx3o1dm8/8bsn1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
last-modified: Mon, 22 Aug 2022 08:58:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 932
expires: max-age=A10368000, public

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 179ms
84ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 582537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:41:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 24 KB
25 KB 124ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:09:31 GMT
x-content-type-options: nosniff
age: 570048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25036
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 05:09:31 GMT

GET
H3 200 banner-cutout.png
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 1 MB
1 MB 32ms
32ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/banner-cutout.png
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 0f6e17c87031253eee1635548e6721b307a4038c5dcacaca2b5e735429d10ab9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:17 GMT
last-modified: Tue, 06 Sep 2022 10:39:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 1418438
expires: max-age=A10368000, public

GET
H3 200 schema Show response
www.claremontgi.com/wp-json/contact-form-7/v1/contact-forms/13099/feedback/ 627 B
414 B 682ms
682ms Fetch
application/json 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.claremontgi.com/wp-json/contact-form-7/v1/contact-forms/13099/feedback/schema

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

Protocol

Security

QUIC, , AES_128_GCM

Server

77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),

Reverse DNS

azreal-lon1.krystal.uk

Software

LiteSpeed /

Resource Hash

54c75d0079c308d114b9b48bff06c9b600ca1428dc19edb56fba413176ba0d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.claremontgi.com/balanced-workplaces/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: LiteSpeed
allow: GET
vary: Origin,Accept-Encoding,User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://www.claremontgi.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
content-length: 180

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 120ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: tracking1.force24.co.uk
URL: https://tracking1.force24.co.uk/tracking/V2/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3614245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKmFMZ1Imo00DKYV6ma%2FTnJQrJ96i4uedhx8sKDr3ZnQHNUy%2F4pzOfloCThhhrhLburAV1%2BAPgBxhEXmsYDexFqNt6jLntcw79ESbAthrIZvqi5NDvSeVrVn3tqpNFMkXP3aeEinEU%2Bics08oKA%2FCmGe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764786182e0ddcc7-LHR
expires: Tue, 24 Oct 2023 19:30:19 GMT

GET
H3 200 ball-2.png
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 64 KB
64 KB 34ms
34ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ball-2.png
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: 1d522e017fa70ed217d90345a07538665040da77afdf25fb7f8c39fbc155e3f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:18 GMT
last-modified: Tue, 06 Sep 2022 10:56:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 65047
expires: max-age=A10368000, public

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/729954304/ 2 KB
1 KB 176ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/729954304/?random=1667503819552&cv=11&fst=1667503819552&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.claremontgi.com%2Fbalanced-workplaces%2F&tiba=Balanced%20Workplaces%20%7C%20Claremont&auid=1754930004.1667503820&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VV36LX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b31929aff4d957ddf5b729ba06a00a0444637becc2b2a26b634e35148e28e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 19:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/729954304/ 42 B
548 B 148ms
53ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/729954304/?random=1667503819552&cv=11&fst=1667502000000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.claremontgi.com%2Fbalanced-workplaces%2F&tiba=Balanced%20Workplaces%20%7C%20Claremont&fmt=3&is_vtc=1&random=2163767645&rmt_tld=0&ipr=y

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 19:30:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/729954304/ 42 B
548 B 152ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/729954304/?random=1667503819552&cv=11&fst=1667502000000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.claremontgi.com%2Fbalanced-workplaces%2F&tiba=Balanced%20Workplaces%20%7C%20Claremont&fmt=3&is_vtc=1&random=2163767645&rmt_tld=1&ipr=y

Requested by

Host: www.claremontgi.com
URL: https://www.claremontgi.com/balanced-workplaces/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 19:30:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 any Show response
idx.liadm.com/idex/unknown/ 0
198 B 387ms
138ms XHR
text/plain 174.129.125.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/any?gdpr=1&n3pc=1

Requested by

Host: secure.aiea6gaza.com
URL: https://secure.aiea6gaza.com/js/166562.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

174.129.125.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-125-147.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.claremontgi.com
date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: efb4629e4263ffa2
vary: Origin
request-time: 18

GET
H/1.1 200
OK event.jpeg
www.pages02.net/WTS/ 0
474 B 498ms
122ms Image
image/jpeg 23.21.150.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pages02.net/WTS/event.jpeg?accesskey=654b5a7b-14f69211a24-3f3d5eceea4051b7c82d96ba93c1b04e&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=25d2b31a-46c7-db73-b94d-1e561239322c&webSyncID=e551a050-d315-d708-23b0-2e6643ab428e&url=https%3A%2F%2Fwww.claremontgi.com%2Fbalanced-workplaces%2F&newSiteVisit=1&hostname=www.claremontgi.com&pathname=%2Fbalanced-workplaces%2F&newPageVisit=1&eventKey=ab9e6d60-e825-5b20-1e3b-0147324c0799

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.150.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-150-130.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 19:30:20 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Server: Apache
p3p: CP="CAO PSA OUR"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection: close
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 121 B
403 B 102ms
62ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 616260
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:56 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861b1a5c7720-LHR

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 76 KB
27 KB 111ms
72ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 346189
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861b1a677720-LHR

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 206 KB
61 KB 134ms
95ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 616260
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"70dac54eca3bb2143032bc4db3237623"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861b1a6e7720-LHR

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 192 KB
40 KB 206ms
167ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9da9d620cd1b9d05fc1f826406dcfd9fa524c32b8a41281f5c7b63355f56e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 616260
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"37e555e4ffba86d238c6b19fb69bad9e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861b1a747720-LHR

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 2 KB
1 KB 103ms
65ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d218a82c89d203d9aa4cd01c04fc5fec48cb61810661368af7e17813f86f4523

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 616260
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"28824857224eeeac7394f7755fa2d3ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861b1a4e7720-LHR

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 151 B
391 B 105ms
67ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5f20009c5e51983a11f5ee3e/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
Origin: https://www.claremontgi.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 616259
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861b1a527720-LHR

GET
H3 200 Insight-Report-Mockup-V2-No-Shadows.png
www.claremontgi.com/wp-content/uploads/2022/09/ 535 KB
535 KB 38ms
37ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/uploads/2022/09/Insight-Report-Mockup-V2-No-Shadows.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: ae25fd5722544dae47faefd7fc435fc26f3604f123087b87c81e5af54b7c2183

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:18 GMT
last-modified: Wed, 21 Sep 2022 14:15:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 547511
expires: max-age=A10368000, public

GET
H3 200 ball-1.png
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 44 KB
44 KB 36ms
36ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ball-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: ab6ccd6c955766183247ce64f499a95f7b2dd86fb77f42c52ce25b786549f50d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:18 GMT
last-modified: Tue, 06 Sep 2022 10:56:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 44708
expires: max-age=A10368000, public

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 166ms
166ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5f20009c5e51983a11f5ee3e&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6164147263fb6669cfe0ee2ce4600ec649cee345242347aa531b1e3e82b2080d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-kq46
server: cloudflare
etag: W/"2-18-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7647861c7ffc76e7-LHR
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 711ms
675ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a69350626ab1ba0a6eac92eb46ab9dda0e41f58d1cd890fd11c5cc649dbdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.claremontgi.com
access-control-allow-credentials: true
cf-ray: 7647861dccb57539-LHR
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-txpv

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 167ms
166ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.claremontgi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.claremontgi.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7647861c883476e7-LHR
date: Thu, 03 Nov 2022 19:30:20 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-54vj

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/languages/ 16 KB
4 KB 86ms
53ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623033
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:56 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7647861dbe0e746c-LHR

GET
H3 200 ball-1.png
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 44 KB
44 KB 30ms
30ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ball-1.png
Requested by: Host: www.claremontgi.com
URL: https://www.claremontgi.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: ab6ccd6c955766183247ce64f499a95f7b2dd86fb77f42c52ce25b786549f50d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:19 GMT
last-modified: Tue, 06 Sep 2022 10:56:53 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 44708
expires: max-age=A10368000, public

GET
H3 200 ball-4.png
www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ 43 KB
43 KB 33ms
33ms Image
image/png 77.72.2.36
KRYSTAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claremontgi.com/wp-content/themes/claremont-2022/insight-report/assets/ball-4.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 77.72.2.36 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS: azreal-lon1.krystal.uk
Software: LiteSpeed /
Resource Hash: c15be72decf8cb0f21dde6451a9c5f624ccaeaab689204c2302414053a7f4345

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/balanced-workplaces/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:19 GMT
last-modified: Thu, 08 Sep 2022 14:36:52 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 43627
expires: max-age=A10368000, public

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 7 KB
2 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786222e32746c-LHR

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 16 KB
5 KB 49ms
48ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54f0c530a8feefb10c1b62cf90baeefdac87ad734fb34cff4850f6f1642d05f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"7a1cce8ba15e49dc07d33b416f0fda26"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786222e33746c-LHR

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 15 KB
5 KB 41ms
40ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f1b94b300055cae1502d615576118b05029df79850f15d7ced13b865dd3eb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"35b74b4d87efe5782e575c273fce182b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786222e37746c-LHR

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 942 B
714 B 41ms
41ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:56 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786223e3e746c-LHR

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 546 B
603 B 38ms
37ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786223e41746c-LHR

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 11 KB
4 KB 77ms
76ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:56 GMT
server: cloudflare
etag: W/"a92075fd9ac5ba130387a80453676099"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786223e43746c-LHR

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/635a92a45e8/js/ 72 KB
16 KB 68ms
68ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc60e6c2f43477d53de0cd15c72b092937771c648a09772f28cd2a2e67ee74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"7031f234532c26d04cce67a704e934f4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786223e45746c-LHR

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/635a92a45e8/css/ Frame 1C4A 37 KB
8 KB 64ms
61ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
cf-polished: origSize=38268
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 76478622bf26746c-LHR

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/635a92a45e8/css/ Frame 2F1D 24 KB
5 KB 39ms
39ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623034
cf-polished: origSize=24960
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 764786230fc2746c-LHR

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/635a92a45e8/css/ Frame 4EDB 74 KB
14 KB 65ms
64ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/635a92a45e8/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 623033
cf-polished: origSize=75771
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 27 Oct 2022 14:17:55 GMT
server: cloudflare
etag: W/"0158db159e8967dbda5865ed6b2e435d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 76478623583c746c-LHR

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 122ms
52ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.claremontgi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13928802
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19130-FRA, cache-cdg20768-CDG
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDjgH1RB93Q5%2Fy1uhNkgAlLFFI4mZX69neA4uquRgyUx7NUA4bQpa7kHDgtndvacSIK%2FjNLh28bw%2FehIQcucoHm385t%2FUbfdTG8b0lXe14RNqFa1GdZclVF1NGXVswQH4e2JuIAj8%2BObgNSiMdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76478623deaf8e2d-LHR

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
283 B 141ms
141ms Fetch
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/635a92a45e8/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.claremontgi.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 03 Nov 2022 19:30:21 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.claremontgi.com
access-control-allow-credentials: true
cf-ray: 764786267c9d7720-LHR
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-6vxn

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 145ms
144ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.claremontgi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.claremontgi.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 764786258abc7720-LHR
date: Thu, 03 Nov 2022 19:30:21 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-30wr

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.claremontgi.com/	1970-01-20 09:21:19	Name: _gcl_au Value: 1.1.1754930004.1667503820
www.sc.pages02.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 529522698.17439.0000
.doubleclick.net/	1970-01-20 07:11:44	Name: test_cookie Value: CheckForPermission
.claremontgi.com/	1970-01-20 16:47:43	Name: com.silverpop.iMAWebCookie Value: e551a050-d315-d708-23b0-2e6643ab428e
.claremontgi.com/	1970-01-20 07:11:45	Name: com.silverpop.iMA.session Value: 25d2b31a-46c7-db73-b94d-1e561239322c
.claremontgi.com/	1970-01-20 07:11:45	Name: com.silverpop.iMA.page_visit Value: 742021788:
www.claremontgi.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: 4B8SevhpeFWsMuzFWhve_
www.pages02.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 529522698.4525.0000
www.claremontgi.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.claremontgi.com/	1970-01-20 11:30:55	Name: twk_uuid_5f20009c5e51983a11f5ee3e Value: %7B%22uuid%22%3A%221.WroQAeAeaHNITqW474Kwum9VYGy2YcuXORjoSy9XbFhmMq3l1lAvICVeU7UZDe9dupifygsnTi4rZKTAXTa1a9grh5fpO0ckqfAZnpGXYzsjen8b1XRsMg0ii%22%2C%22version%22%3A3%2C%22domain%22%3A%22claremontgi.com%22%2C%22ts%22%3A1667503821129%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.claremontgi.com/balanced-workplaces/ Message: The resource https://www.claremontgi.com/wp-content/themes/claremont-2022/slick/fonts/slick.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idx.liadm.com
secure.aiea6gaza.com
tracking1.force24.co.uk
va.tawk.to
www.claremontgi.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.pages02.net
www.sc.pages02.net
174.129.125.147
23.21.150.130
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700::6810:5914
2606:4700::6811:190e
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
51.11.20.152
52.222.139.103
77.72.2.36
84.18.197.167
0f6e17c87031253eee1635548e6721b307a4038c5dcacaca2b5e735429d10ab9
1031f2b5f400710b36a820816d712114b6c829810609e9f03040fef134282ba8
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1ada7254d56b874ce6b5160f7d4790dac2482844e440ae87c4f1f9223870befa
1b31929aff4d957ddf5b729ba06a00a0444637becc2b2a26b634e35148e28e89
1d522e017fa70ed217d90345a07538665040da77afdf25fb7f8c39fbc155e3f7
1d71fdf8a6b10d532969edb5325f9de5049e5ffd3dd4c355cb59232fcd7274a5
23a835419541cfc9afdd2e4f9bf0bb72e7c209729d86a89400d89f3082b8598f
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
3160c36a21b43567d4e2c6eb3e5ee9210b1462d3a4a82a98f63b2a5fc4267cd6
3aab6b0bf070e6dd4c7dd3dc422505e92d2db9cdbc6ef6079147f3b6dfa67e8b
3f1b94b300055cae1502d615576118b05029df79850f15d7ced13b865dd3eb98
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
54c75d0079c308d114b9b48bff06c9b600ca1428dc19edb56fba413176ba0d85
54f0c530a8feefb10c1b62cf90baeefdac87ad734fb34cff4850f6f1642d05f9
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
595c8179e94fddabd1598615229afa5ef273638874474dace749f2a9971074b3
6164147263fb6669cfe0ee2ce4600ec649cee345242347aa531b1e3e82b2080d
65fe3c1ab11bfbdcc3703b7f21597b5b0b4f684bc8ffd9b96524c2e8f35d5af1
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
86b7c90fb991e4ed5f9429be971857209ad8e965c6373203e49c14874992d5f2
89500169e17a4e1824d08100da8ca3f60958832eeb2073370faf00f169425612
8dc60e6c2f43477d53de0cd15c72b092937771c648a09772f28cd2a2e67ee74c
91ba2e353367a2511b2db01d558e01a732b25b4bfdc3b9a614df9bdadb05a6d4
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
ab6ccd6c955766183247ce64f499a95f7b2dd86fb77f42c52ce25b786549f50d
ae1c94962326c452bcd985ccd9532e8f59c326ec359cb40b6b93b089431be3a9
ae25fd5722544dae47faefd7fc435fc26f3604f123087b87c81e5af54b7c2183
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c15be72decf8cb0f21dde6451a9c5f624ccaeaab689204c2302414053a7f4345
c9da9d620cd1b9d05fc1f826406dcfd9fa524c32b8a41281f5c7b63355f56e1c
cd0ae6920ab207a20eed2805f76afdf0e097b927dd1bd949b6ea9bc583afb3fc
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
d218a82c89d203d9aa4cd01c04fc5fec48cb61810661368af7e17813f86f4523
d7a69350626ab1ba0a6eac92eb46ab9dda0e41f58d1cd890fd11c5cc649dbdcf
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
dcd4b39b26655161eeba4c8863e9546d89093834d7652de1bd6742f2358076c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fc6fb7a96bf11d012d5293e93f739f2de1145642be3aa782a324b9eb42437263
ff9f8cdfd40abe40f9d4842ee8a40b3596220f612b916971ec2aa690a6e86651

www.claremontgi.com Open in urlscan Pro 77.72.2.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

60 %IPv6

14 Domains

16 Subdomains

16 IPs

3 Countries

2660 kBTransfer

4102 kBSize

10 Cookies

5 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.claremontgi.com Open in urlscan Pro
77.72.2.36 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

16
IPs

3
Countries

2660 kB
Transfer

4102 kB
Size

10
Cookies

60 HTTP transactions
1 data transactions