urlscan.io logo urlscan.io
SecurityTrails logo

gavekal.com Open in urlscan Pro
202.123.206.227  Public Scan

Go To Rescan Add Verdict Report
URL: https://gavekal.com/c/email.cfm?docid=13816&gkid=tiLeZSTiii&src=website&i=1
Submission: On August 02 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 202.123.206.227, located in Hong Kong and belongs to HKTHOST-AP Powerbase DataCenter Services (HK) Ltd., HK. The main domain is gavekal.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 16th 2017. Valid for: 3 years.
This is the only time gavekal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 202.123.206.227 9925 (HKTHOST-A...)
2 1
Apex Domain
Subdomains		 Transfer
2 gavekal.com
gavekal.com
20 KB
2 1
Domain Requested by
2 gavekal.com gavekal.com
2 1

This site contains links to these domains. Also see Links.

Domain
research.gavekal.com
clashofempires.info
www.gavekal.com
Subject Issuer Validity Valid
*.gavekal.com
COMODO RSA Domain Validation Secure Server CA		 2017-11-16 -
2020-11-15		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://gavekal.com/c/email.cfm?docid=13816&gkid=tiLeZSTiii&src=website&i=1
Frame ID: 97F18223E65931701EFD94AA4384D95B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.cfm(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • url /\.cfm(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

20 kB
Transfer

19 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set email.cfm
gavekal.com/c/ 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gavekal.com/c/email.cfm?docid=13816&gkid=tiLeZSTiii&src=website&i=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
202.123.206.227 , Hong Kong, ASN9925 (HKTHOST-AP Powerbase DataCenter Services (HK) Ltd., HK),
Reverse DNS
gavekal.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
593747b84820095bdd368a4f91a40beead5b10ca934bbadbbe26917702de3f9e

Request headers

Host
gavekal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
Server
Microsoft-IIS/8.5
Set-Cookie
CFID=15840767; Expires=Mon, 03-Aug-2020 19:20:18 GMT; Path=/; HttpOnly CFTOKEN=b1459f82bc637639-E62CD847-C29C-73ED-D247D7300DFEF71F; Expires=Mon, 03-Aug-2020 19:20:18 GMT; Path=/; HttpOnly CFGLOBALS=urltoken%3DCFID%23%3D15840767%26CFTOKEN%23%3Db1459f82bc637639%2DE62CD847%2DC29C%2D73ED%2DD247D7300DFEF71F%23lastvisit%3D%7Bts%20%272020%2D08%2D03%2003%3A20%3A18%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272020%2D08%2D03%2003%3A20%3A18%27%7D%23cftoken%3Db1459f82bc637639%2DE62CD847%2DC29C%2D73ED%2DD247D7300DFEF71F%23cfid%3D15840767%23; Expires=Tue, 26-Jul-2050 19:20:18 GMT; Path=/; HttpOnly
X-Powered-By
ASP.NET
Date
Sun, 02 Aug 2020 19:20:18 GMT
Content-Length
12078
MailHeaderImage.cfm
gavekal.com/c/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gavekal.com/c/MailHeaderImage.cfm?e=GK,13816,tiLeZSTiii.png
Requested by
Host: gavekal.com
URL: https://gavekal.com/c/email.cfm?docid=13816&gkid=tiLeZSTiii&src=website&i=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
202.123.206.227 , Hong Kong, ASN9925 (HKTHOST-AP Powerbase DataCenter Services (HK) Ltd., HK),
Reverse DNS
gavekal.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6a75a2b512043a88f2feb821d428a53af7d039c92e74929e88af66669cc46446

Request headers

Referer
https://gavekal.com/c/email.cfm?docid=13816&gkid=tiLeZSTiii&src=website&i=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 02 Aug 2020 19:20:18 GMT
Content-Disposition
inline; filename=GKMailHeader.png
X-Powered-By
ASP.NET
Content-Length
7090
Server
Microsoft-IIS/8.5
Content-Type
image/jpeg;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
gavekal.com/ Name: CFGLOBALS
Value: urltoken%3DCFID%23%3D15840767%26CFTOKEN%23%3Db1459f82bc637639%2DE62CD847%2DC29C%2D73ED%2DD247D7300DFEF71F%23lastvisit%3D%7Bts%20%272020%2D08%2D03%2003%3A20%3A18%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272020%2D08%2D03%2003%3A20%3A18%27%7D%23cftoken%3Db1459f82bc637639%2DE62CD847%2DC29C%2D73ED%2DD247D7300DFEF71F%23cfid%3D15840767%23
gavekal.com/ Name: CFTOKEN
Value: b1459f82bc637639-E62CD847-C29C-73ED-D247D7300DFEF71F
gavekal.com/ Name: CFID
Value: 15840767

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gavekal.com
202.123.206.227
593747b84820095bdd368a4f91a40beead5b10ca934bbadbbe26917702de3f9e
6a75a2b512043a88f2feb821d428a53af7d039c92e74929e88af66669cc46446