urlscan.io logo urlscan.io
SecurityTrails logo

0.clockwerkday.online Open in urlscan Pro
188.166.68.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Effective URL: https://0.clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox
Submission: On February 21 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 6 countries across 7 domains to perform 36 HTTP transactions. The main IP is 188.166.68.96, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is 0.clockwerkday.online.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.
This is the only time 0.clockwerkday.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 41.203.18.40 37153 (xneelo)
1 4 45.9.150.78 49447 (NICEIT)
1 192.0.77.32 2635 (AUTOMATTIC)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 188.166.68.96 14061 (DIGITALOC...)
36 10
22    41.203.18.40 (South Africa)

ASN37153 (xneelo, ZA)
PTR: www40.jnb2.host-h.net
tritansecurity.co.za
www.tritansecurity.co.za
4    45.9.150.78 (Switzerland)

ASN49447 (NICEIT, DM)
ads.specialadves.com
click.specialadves.com
1    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
s0.wp.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    188.166.68.96 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
clockwerkday.online
0.clockwerkday.online
Apex Domain
Subdomains		 Transfer
22 tritansecurity.co.za
tritansecurity.co.za
www.tritansecurity.co.za
333 KB
4 specialadves.com
ads.specialadves.com
click.specialadves.com
2 KB
2 clockwerkday.online
clockwerkday.online Failed
0.clockwerkday.online
69 KB
2 gstatic.com
fonts.gstatic.com
70 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
7 KB
2 wp.com
s0.wp.com — Cisco Umbrella Rank: 5774
stats.wp.com — Cisco Umbrella Rank: 2460
6 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1579
7 KB
36 7
Domain Requested by
20 www.tritansecurity.co.za www.tritansecurity.co.za
2 click.specialadves.com ads.specialadves.com
click.specialadves.com
2 fonts.gstatic.com fonts.googleapis.com
2 ads.specialadves.com 1 redirects www.tritansecurity.co.za
ads.specialadves.com
2 tritansecurity.co.za 1 redirects www.tritansecurity.co.za
1 0.clockwerkday.online www.tritansecurity.co.za
1 clockwerkday.online click.specialadves.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com www.tritansecurity.co.za
1 stats.wp.com www.tritansecurity.co.za
1 secure.gravatar.com www.tritansecurity.co.za
1 s0.wp.com www.tritansecurity.co.za
36 12

This site contains no links.

Subject Issuer Validity Valid
tritansecurity.co.za
R3		 2022-01-15 -
2022-04-15		 3 months crt.sh
ads.specialadves.com
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
click.specialadves.com
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
clockwerkday.online
R3		 2022-02-15 -
2022-05-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://0.clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox
Frame ID: 3031394E08EB66113FE12D5A5D64EAF8
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checking your browser

Page URL History Show full URLs

  1. https://tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq HTTP 301
    https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq Page URL
  2. https://ads.specialadves.com/s.php?id=463-24-745783-2 HTTP 302
    https://click.specialadves.com/c.php?id=883-435852-23-86699434 Page URL
  3. https://click.specialadves.com/go.php?id=8953-344-8333 Page URL
  4. https://clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox Page URL
  5. https://0.clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

36
Requests

92 %
HTTPS

44 %
IPv6

7
Domains

12
Subdomains

10
IPs

6
Countries

494 kB
Transfer

1076 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq HTTP 301
    https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq Page URL
  2. https://ads.specialadves.com/s.php?id=463-24-745783-2 HTTP 302
    https://click.specialadves.com/c.php?id=883-435852-23-86699434 Page URL
  3. https://click.specialadves.com/go.php?id=8953-344-8333 Page URL
  4. https://clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox Page URL
  5. https://0.clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq HTTP 301
  • https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Request Chain 30
  • https://ads.specialadves.com/s.php?id=463-24-745783-2 HTTP 302
  • https://click.specialadves.com/c.php?id=883-435852-23-86699434

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.tritansecurity.co.za/b/j/
Redirect Chain
  • https://tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
  • https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
36 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
f9d6b42f7429173375ae03569a8b709eb8f50fe8e7604bdbd6a5eadd3781df23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 21 Feb 2022 23:56:44 GMT
server
Apache
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.tritansecurity.co.za/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8

Redirect headers

date
Mon, 21 Feb 2022 23:56:43 GMT
server
Apache
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
location
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
content-length
0
content-type
text/html; charset=UTF-8
styles.css
www.tritansecurity.co.za/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:11 GMT
server
Apache
etag
"6cf-580ed96e8d8c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
671
settings.css
www.tritansecurity.co.za/wp-content/plugins/revslider/public/assets/css/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:09 GMT
server
Apache
etag
"9b46-580ed96ca5440-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9545
fl-icons.css
www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/ 		369 B
264 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
28f4c609a2b8bc8fe9f7309107c7c9ba63d2880ff4080924dbf7ff46ab4d79f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:05 GMT
server
Apache
etag
"171-580ed968d4b40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
187
flatsome.css
www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/ 		133 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.5.0
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
50c5542baa10cd6eb1cdf02de81346e65210b125025d5d9893a0ccb0443a87db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:05 GMT
server
Apache
etag
"21529-580ed968d4b40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
28759
style.css
www.tritansecurity.co.za/wp-content/themes/flatsome-child/ 		303 B
286 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/themes/flatsome-child/style.css?ver=3.5.0
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
61971a06f7ba6959fa232b1137d1de182bf156368ca45164f90dfb1a48941ab3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:08 GMT
server
Apache
etag
"12f-580ed96bb1200-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
211
jetpack.css
www.tritansecurity.co.za/wp-content/plugins/jetpack/css/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/jetpack/css/jetpack.css?ver=6.8.3
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
c289bb24eefba72fee6c77b76ff86b56d5f344a59c167d7e6ca5506930ba0d19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 11:53:34 GMT
server
Apache
etag
"10e62-5c3db3987ab80-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12267
jquery.js
www.tritansecurity.co.za/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 12:47:30 GMT
server
Apache
etag
"17a6a-591cdb97f3c80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
33776
jquery-migrate.min.js
www.tritansecurity.co.za/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:05 GMT
server
Apache
etag
"2748-580ed968d4b40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4014
jquery.themepunch.tools.min.js
www.tritansecurity.co.za/wp-content/plugins/revslider/public/assets/js/ 		108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:11 GMT
server
Apache
etag
"1afe4-580ed96e8d8c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
38337
jquery.themepunch.revolution.min.js
www.tritansecurity.co.za/wp-content/plugins/revslider/public/assets/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:11 GMT
server
Apache
etag
"fdb5-580ed96e8d8c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
18090
wp-emoji-release.min.js
www.tritansecurity.co.za/wp-includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-includes/js/wp-emoji-release.min.js?ver=4.9.19
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 10:32:41 GMT
server
Apache
etag
"2ea7-5c000620b6440-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4347
logo-1.png
tritansecurity.co.za/wp-content/uploads/2019/01/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tritansecurity.co.za/wp-content/uploads/2019/01/logo-1.png
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
7f0aaa9baab9fa87b773979ff620b46203c46b1f68b562868f1c006606034297

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
last-modified
Sat, 02 Feb 2019 18:40:17 GMT
server
Apache
accept-ranges
bytes
etag
"11bb8-580ed97446640"
content-length
72632
content-type
image/png
logo-2-300x88.png
www.tritansecurity.co.za/wp-content/uploads/2019/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tritansecurity.co.za/wp-content/uploads/2019/01/logo-2-300x88.png
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
eaf8ea41ee6c19dec324805457c673327ad86900f41e151481e9b553f4421f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
last-modified
Sat, 02 Feb 2019 18:40:17 GMT
server
Apache
accept-ranges
bytes
etag
"348b-580ed97446640"
content-length
13451
content-type
image/png
/
ads.specialadves.com/ping/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.specialadves.com/ping/?crampress.j
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.9.150.78 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 23:56:46 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/plain; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
scripts.js
www.tritansecurity.co.za/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:11 GMT
server
Apache
etag
"3976-580ed96e8d8c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4047
devicepx-jetpack.js
s0.wp.com/wp-content/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202208
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
br
server
nginx
etag
W/"5bfee312-52b6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Mon, 20 Feb 2023 15:26:47 GMT
gprofiles.js
secure.gravatar.com/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.gravatar.com/js/gprofiles.js?ver=2022Febaa
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
br
last-modified
Thu, 02 Apr 2020 15:50:36 GMT
server
nginx
etag
W/"5e8609cc-5dea"
content-type
application/javascript
cache-control
max-age=604800
expires
Mon, 28 Feb 2022 23:56:45 GMT
wpgroho.js
www.tritansecurity.co.za/wp-content/plugins/jetpack/modules/ 		1015 B
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.9.19
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
8f2270058422f39ff89104cec8f21350c09c033a28ad8ef72d82f76f56960440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 11:53:34 GMT
server
Apache
etag
"3f7-5c3db3987ab80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
489
flatsome-live-search.js
www.tritansecurity.co.za/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.5.0
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:05 GMT
server
Apache
etag
"3e04-580ed968d4b40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5106
hoverIntent.min.js
www.tritansecurity.co.za/wp-includes/js/ 		1 KB
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
124f0860b7201dc2fa46889b30ac0e4269e84ac2e71c33dc025ed14ed15bd8f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 10:32:41 GMT
server
Apache
etag
"43f-5c000620b6440-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
464
flatsome.js
www.tritansecurity.co.za/wp-content/themes/flatsome/assets/js/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.5.0
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
517ae7db32ecefacfb2d4c120f74a518fcecc0f31a901d364081d33269d23364

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Sat, 02 Feb 2019 18:40:05 GMT
server
Apache
etag
"27059-580ed968d4b40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
46899
wp-embed.min.js
www.tritansecurity.co.za/wp-includes/js/ 		1 KB
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-includes/js/wp-embed.min.js?ver=4.9.19
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 10:32:41 GMT
server
Apache
etag
"56f-5c000620b6440-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
739
e-202208.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202208.js
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 21 Feb 2022 23:56:45 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 12 Feb 2023 22:54:15 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Feb 2023 18:59:48 GMT
fl-icons.woff2
www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/icons/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
41.203.18.40 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
www40.jnb2.host-h.net
Software
Apache /
Resource Hash
f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e

Request headers

Referer
https://www.tritansecurity.co.za/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Origin
https://www.tritansecurity.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:56:45 GMT
last-modified
Sat, 02 Feb 2019 18:40:05 GMT
server
Apache
accept-ranges
bytes
etag
"1578-580ed968d4b40"
content-length
5496
content-type
font/woff2
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:regular,700%7CRaleway:regular,regular%7CRaleway:regular,500%7CDancing+Script
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a2dfe874a55d9f67085b6d6514468f5dc672d91a8df16bfc705a92f7735ebb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 23:56:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 21 Feb 2022 23:56:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Feb 2022 23:56:45 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:regular,700%7CRaleway:regular,regular%7CRaleway:regular,500%7CDancing+Script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tritansecurity.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:48:55 GMT
x-content-type-options
nosniff
age
536871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 18:48:55 GMT
If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
fonts.gstatic.com/s/dancingscript/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v22/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:regular,700%7CRaleway:regular,regular%7CRaleway:regular,500%7CDancing+Script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a38ccdde053e04b0ca3145abfd9198deccde79dc94ce1f8296defe8d5bc20968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tritansecurity.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:03:18 GMT
x-content-type-options
nosniff
age
528808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:45:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 21:03:18 GMT
s.php
ads.specialadves.com/ 		0
0
c.php
click.specialadves.com/
Redirect Chain
  • https://ads.specialadves.com/s.php?id=463-24-745783-2
  • https://click.specialadves.com/c.php?id=883-435852-23-86699434
430 B
523 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.specialadves.com/c.php?id=883-435852-23-86699434
Requested by
Host: ads.specialadves.com
URL: https://ads.specialadves.com/ping/?crampress.j
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.9.150.78 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq

Response headers

Server
nginx
Date
Mon, 21 Feb 2022 23:56:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
296
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 21 Feb 2022 23:56:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://click.specialadves.com/c.php?id=883-435852-23-86699434
go.php
click.specialadves.com/ 		0
0
go.php
click.specialadves.com/ 		259 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.specialadves.com/go.php?id=8953-344-8333
Requested by
Host: click.specialadves.com
URL: https://click.specialadves.com/c.php?id=883-435852-23-86699434
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.9.150.78 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://click.specialadves.com/c.php?id=883-435852-23-86699434

Response headers

Server
nginx
Date
Mon, 21 Feb 2022 23:56:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
196
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Content-Encoding
gzip
/
clockwerkday.online/ 		0
0
/
clockwerkday.online/ 		50 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox
Requested by
Host: click.specialadves.com
URL: https://click.specialadves.com/go.php?id=8953-344-8333
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
302ec86a20df85eef570daed214335c42b914a489acc1cc6a9f419ff68ea88a0
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://click.specialadves.com/

Response headers

server
nginx
date
Mon, 21 Feb 2022 23:56:47 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
0.clockwerkday.online/ 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox
Requested by
Host: www.tritansecurity.co.za
URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e9ed8730df129be9fb31907a259298636ac9db49e264ec2cd6161bafb42e311c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://clockwerkday.online/

Response headers

server
nginx
date
Mon, 21 Feb 2022 23:56:47 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
truncated
/ 		378 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		377 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.specialadves.com
URL
https://ads.specialadves.com/s.php?id=463-24-745783-2
Domain
click.specialadves.com
URL
https://click.specialadves.com/go.php?id=8953-344-8333
Domain
clockwerkday.online
URL
https://clockwerkday.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=specials&sub2=creativebox

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| urlB64ToUint8Array

4 Cookies

Domain/Path Name / Value
tritansecurity.co.za/ Name: simplevisitor
Value: 1
www.tritansecurity.co.za/ Name: simplevisitor
Value: 1
.clockwerkday.online/ Name: uuid
Value: aa417393-c09d-4509-92a0-6e48b706c2f6
.0.clockwerkday.online/ Name: uuid
Value: aa417393-c09d-4509-92a0-6e48b706c2f6

1 Console Messages

Source Level URL
Text
network error URL: https://www.tritansecurity.co.za/b/j/?NLvomTizG4K2VBUEq
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.clockwerkday.online
ads.specialadves.com
ajax.googleapis.com
click.specialadves.com
clockwerkday.online
fonts.googleapis.com
fonts.gstatic.com
s0.wp.com
secure.gravatar.com
stats.wp.com
tritansecurity.co.za
www.tritansecurity.co.za
ads.specialadves.com
click.specialadves.com
clockwerkday.online
188.166.68.96
192.0.76.3
192.0.77.32
2a00:1450:4001:810::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a04:fa87:fffe::c000:4902
41.203.18.40
45.9.150.78
124f0860b7201dc2fa46889b30ac0e4269e84ac2e71c33dc025ed14ed15bd8f0
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
28f4c609a2b8bc8fe9f7309107c7c9ba63d2880ff4080924dbf7ff46ab4d79f4
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed
302ec86a20df85eef570daed214335c42b914a489acc1cc6a9f419ff68ea88a0
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
3a2dfe874a55d9f67085b6d6514468f5dc672d91a8df16bfc705a92f7735ebb4
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
50c5542baa10cd6eb1cdf02de81346e65210b125025d5d9893a0ccb0443a87db
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
517ae7db32ecefacfb2d4c120f74a518fcecc0f31a901d364081d33269d23364
61971a06f7ba6959fa232b1137d1de182bf156368ca45164f90dfb1a48941ab3
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
7f0aaa9baab9fa87b773979ff620b46203c46b1f68b562868f1c006606034297
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8f2270058422f39ff89104cec8f21350c09c033a28ad8ef72d82f76f56960440
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
a38ccdde053e04b0ca3145abfd9198deccde79dc94ce1f8296defe8d5bc20968
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
c289bb24eefba72fee6c77b76ff86b56d5f344a59c167d7e6ca5506930ba0d19
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
e9ed8730df129be9fb31907a259298636ac9db49e264ec2cd6161bafb42e311c
eaf8ea41ee6c19dec324805457c673327ad86900f41e151481e9b553f4421f6c
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e
f9d6b42f7429173375ae03569a8b709eb8f50fe8e7604bdbd6a5eadd3781df23
f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e