gtxcel.omeclk.com Open in urlscan Pro
205.162.42.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn...
Submission: On January 02 via manual (January 2nd 2024, 8:06:38 pm UTC) from IN — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 205.162.42.171, located in Lincolnshire, United States and belongs to QTS-AS, US. The main domain is gtxcel.omeclk.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 11th 2023. Valid for: a year.

This is the only time gtxcel.omeclk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	205.162.42.171 205.162.42.171	53866 (QTS-AS) (QTS-AS)
7	72.32.200.236 72.32.200.236	33070 (RMH-14) (RMH-14)
3	2600:9000:225... 2600:9000:225f:e800:11:a844:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
12	3

2 205.162.42.171 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)
PTR: omeclk.com

gtxcel.omeclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 72.32.200.236 (United States)

ASN33070 (RMH-14, US)
PTR: www3.rodpub.com

www.rodpub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225f:e800:11:a844:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

happi.texterity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	rodpub.com www.rodpub.com	65 KB
3	texterity.com happi.texterity.com	34 KB
2	omeclk.com gtxcel.omeclk.com	21 KB
12	3

	Domain	Requested by
7	www.rodpub.com	gtxcel.omeclk.com
3	happi.texterity.com	gtxcel.omeclk.com
2	gtxcel.omeclk.com	gtxcel.omeclk.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
omeclk.com SSL.com RSA SSL subCA	`2023-07-11` - `2024-07-17`	a year	crt.sh
*.rodpub.com Thawte TLS RSA CA G1	`2023-10-18` - `2024-11-05`	a year	crt.sh
*.texterity.com Amazon RSA 2048 M02	`2023-07-10` - `2024-08-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Frame ID: 3BAEAB067C9F31B36E7CD7512B02F748
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Happi digital issue - January 2024

Page Statistics

12
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

119 kB
Transfer

115 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request ViewCommInBrowser.jsp Show response
gtxcel.omeclk.com/portal/public/ 20 KB
20 KB 615ms
263ms Document
text/html 205.162.42.171
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.171 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

omeclk.com

Software

Apache /

Resource Hash

5aa927ef872b040ffbf1edd56d08579c46f16911c2bc4123bd5892872e91ec3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html;charset=UTF-8
Date: Tue, 02 Jan 2024 20:06:32 GMT
Keep-Alive: timeout=5
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Facebook-icon.png
www.rodpub.com/email/hap/images/SocialIcons/ 1 KB
1 KB 674ms
252ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/hap/images/SocialIcons/Facebook-icon.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: e944af702a240c7be560e33ff1c7165bea51ee8cf454a108f232694c32f828fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Wed, 14 Dec 2016 16:38:35 GMT
Server: Apache
ETag: "65c017-471-543a0f7d038c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1137

GET
H/1.1 200
OK LinkedIn-icon.png
www.rodpub.com/email/hap/images/SocialIcons/ 1 KB
1 KB 683ms
251ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/hap/images/SocialIcons/LinkedIn-icon.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: 0ad273a9b2e93972ef6c55fd4f2a1ab7e3d74b0a00c2ef53488c712f7c3804ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Wed, 14 Dec 2016 16:38:35 GMT
Server: Apache
ETag: "65c016-4a9-543a0f7d038c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1193

GET
H2 200 logo-blacksmall_twitterX_64x64.png
happi.texterity.com/happi/misc/ 3 KB
4 KB 133ms
52ms Image
image/png 2600:9000:225f:e800:11:a844:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://happi.texterity.com/happi/misc/logo-blacksmall_twitterX_64x64.png

Requested by

Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:e800:11:a844:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

lighttpd/1.4.67 /

Resource Hash

46bd839d24c7f0c30e62f7e7c9c069a0663009917798051d6e5f1547a5d7ff9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:36:29 GMT
via: 1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: TXL50-P2
age: 5404
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3188
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 14:45:01 GMT
server: lighttpd/1.4.67
etag: "2039298941"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=7200
permissions-policy: accelerometer=()
accept-ranges: bytes
x-amz-cf-id: M3rwuRvXt4b6p67ONRBTJWfOFFJOxKmX_WX0TXu_AV_Mksjo7vY52Q==

GET
H/1.1 200
OK Instagram-icon1.png
www.rodpub.com/email/hap/images/ 3 KB
3 KB 685ms
255ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/hap/images/Instagram-icon1.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: 6d76f7f813aff1eed8ce49fb0ae55ee69c7ff5455912ee48c279b0dc4efc56be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Thu, 05 Jan 2017 20:50:11 GMT
Server: Apache
ETag: "f1401a-c1f-5455f0c1d26c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3103

GET
H/1.1 200
OK Pinterest-icon.png
www.rodpub.com/email/hap/images/SocialIcons/ 1 KB
2 KB 803ms
130ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/hap/images/SocialIcons/Pinterest-icon.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: 8ed339b3e717770b12634374bf75ae004f978a1bf08835734eaf65781ce54238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Wed, 14 Dec 2016 16:38:35 GMT
Server: Apache
ETag: "65c013-594-543a0f7d038c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1428

GET
H/1.1 200
OK RSS-icon.png
www.rodpub.com/email/hap/images/SocialIcons/ 1 KB
2 KB 744ms
314ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/hap/images/SocialIcons/RSS-icon.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: 6c7678743fb3f01edfded7a8d69c06d462d90be8bbfdde07a6f5dd941a72ec09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Wed, 14 Dec 2016 16:38:35 GMT
Server: Apache
ETag: "65c015-545-543a0f7d038c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1349

GET
H/1.1 200
OK haplo389.png
www.rodpub.com/email/mpo/images/ 49 KB
49 KB 681ms
252ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/mpo/images/haplo389.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: f37f6ae40ea1b657cec13c66c30ebfda2d487bb95dd6b36b71d8ab2bb6e8bf79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Fri, 30 Jul 2021 16:29:00 GMT
Server: Apache
ETag: "760037-c4b3-5c859b782cb00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50355

GET
H2 200 HAP_eNewsletter_web_650x90.jpg
happi.texterity.com/happi/misc/ 15 KB
15 KB 149ms
67ms Image
image/jpeg 2600:9000:225f:e800:11:a844:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://happi.texterity.com/happi/misc/HAP_eNewsletter_web_650x90.jpg

Requested by

Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:e800:11:a844:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

lighttpd/1.4.67 /

Resource Hash

d878b7d38d29c856e910e5306fef3a116ce9577e5a99d902f7f2561b4c3c0a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:36:28 GMT
via: 1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: TXL50-P2
age: 5405
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15304
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 02 Apr 2021 14:55:47 GMT
server: lighttpd/1.4.67
etag: "2812024046"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=7200
permissions-policy: accelerometer=()
accept-ranges: bytes
x-amz-cf-id: P33rRiCQc7_RfQMMVp3cxr7nwHh_hjuymik2626HN77d6D6YhndkkQ==

GET
H2 200 cover.gif
happi.texterity.com/happi/january_2024/ 14 KB
15 KB 104ms
42ms Image
image/gif 2600:9000:225f:e800:11:a844:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://happi.texterity.com/happi/january_2024/cover.gif

Requested by

Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225f:e800:11:a844:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

lighttpd/1.4.67 /

Resource Hash

cb040bc7adff391500cea06bf27b763f1b706ec723438a00d7d916469aed68f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:36:29 GMT
via: 1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: TXL50-P2
age: 5404
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14316
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 23 Dec 2023 09:45:41 GMT
server: lighttpd/1.4.67
etag: "1767113257"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=7200
permissions-policy: accelerometer=()
accept-ranges: bytes
x-amz-cf-id: ZdRQGI5wPSyGTEmBm4yTBUZzGbYj6TgMnUO5TKyqxTACRqxCEt-3AQ==

GET
H/1.1 200
OK gtxcel_logo-green.png
www.rodpub.com/email/cw/images/ 6 KB
6 KB 637ms
250ms Image
image/png 72.32.200.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rodpub.com/email/cw/images/gtxcel_logo-green.png
Requested by: Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.32.200.236 , United States, ASN33070 (RMH-14, US),
Reverse DNS: www3.rodpub.com
Software: Apache /
Resource Hash: b632c7c0c43dcd2492dac997acee270bdc7e03acf5b9bcea0af76b6bb4543bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 20:06:35 GMT
Last-Modified: Wed, 14 Apr 2021 17:41:39 GMT
Server: Apache
ETag: "a1e053-1641-5bff2424ebac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5697

GET
H/1.1 200 uc%5Ec%7CQqf3PA6Vcb-gj0gg.gif
gtxcel.omeclk.com/portal/wts/ 43 B
378 B 353ms
120ms Image
image/gif 205.162.42.171
QTS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gtxcel.omeclk.com/portal/wts/uc%5Ec%7CQqf3PA6Vcb-gj0gg.gif

Requested by

Host: gtxcel.omeclk.com
URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.171 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

omeclk.com

Software

Apache /

Resource Hash

63b98a0c8568c08fd01a6946a147bca65eff26c8085f1ccb5330aafe0f0dcd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 20:06:32 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: no-cache
Connection: close
Keep-Alive: timeout=5
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gtxcel.omeclk.com/portal	1969-12-31 23:59:59	Name: JSESSIONID Value: 24302DF2547D63B2099C88663FB47699

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/Facebook-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/LinkedIn-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://happi.texterity.com/happi/misc/logo-blacksmall_twitterX_64x64.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/Instagram-icon1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/Pinterest-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/RSS-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/mpo/images/haplo389.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://happi.texterity.com/happi/misc/HAP_eNewsletter_web_650x90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA(Line 102) Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/Facebook-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/LinkedIn-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://happi.texterity.com/happi/misc/logo-blacksmall_twitterX_64x64.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/Instagram-icon1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/Pinterest-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/hap/images/SocialIcons/RSS-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/mpo/images/haplo389.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://happi.texterity.com/happi/misc/HAP_eNewsletter_web_650x90.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA Message: Mixed Content: The page at 'https://gtxcel.omeclk.com/portal/public/ViewCommInBrowser.jsp?2I8xi3TTdj9SNlxQ2KgVvUb%2FWC1bJSgjn9rsVCIFB0WBPdJF1bgubezAYn5Jvir7ZhYIHiBsub58JMleFpo6Ug%3D%3DA' was loaded over HTTPS, but requested an insecure element 'http://www.rodpub.com/email/cw/images/gtxcel_logo-green.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gtxcel.omeclk.com
happi.texterity.com
www.rodpub.com
205.162.42.171
2600:9000:225f:e800:11:a844:7440:93a1
72.32.200.236
0ad273a9b2e93972ef6c55fd4f2a1ab7e3d74b0a00c2ef53488c712f7c3804ee
46bd839d24c7f0c30e62f7e7c9c069a0663009917798051d6e5f1547a5d7ff9b
5aa927ef872b040ffbf1edd56d08579c46f16911c2bc4123bd5892872e91ec3d
63b98a0c8568c08fd01a6946a147bca65eff26c8085f1ccb5330aafe0f0dcd15
6c7678743fb3f01edfded7a8d69c06d462d90be8bbfdde07a6f5dd941a72ec09
6d76f7f813aff1eed8ce49fb0ae55ee69c7ff5455912ee48c279b0dc4efc56be
8ed339b3e717770b12634374bf75ae004f978a1bf08835734eaf65781ce54238
b632c7c0c43dcd2492dac997acee270bdc7e03acf5b9bcea0af76b6bb4543bc3
cb040bc7adff391500cea06bf27b763f1b706ec723438a00d7d916469aed68f6
d878b7d38d29c856e910e5306fef3a116ce9577e5a99d902f7f2561b4c3c0a12
e944af702a240c7be560e33ff1c7165bea51ee8cf454a108f232694c32f828fc
f37f6ae40ea1b657cec13c66c30ebfda2d487bb95dd6b36b71d8ab2bb6e8bf79

gtxcel.omeclk.com Open in urlscan Pro 205.162.42.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

119 kBTransfer

115 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

17 Console Messages

Security Headers

Indicators

gtxcel.omeclk.com Open in urlscan Pro
205.162.42.171 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

119 kB
Transfer

115 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions