auth.canoa.app Open in urlscan Pro
2606:4700::6810:abfd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://linkedin.canoa.app/
Effective URL:
https://auth.canoa.app/u/login?state=hKFo2SBjS0lYUk1rZW9HaE95Q083QVBQT1lXcktXanIxWWVJa6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZID...
Submission Tags: @phishunt_io
Submission: On June 24 via api (June 24th 2022, 4:52:21 am UTC) from DE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6810:abfd, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.canoa.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2022. Valid for: a year.

This is the only time auth.canoa.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	52.204.242.176 52.204.242.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:2600:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:abfd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.103.120 143.204.103.120	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2010	15169 (GOOGLE) (GOOGLE)
14	10

5 52.204.242.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-242-176.compute-1.amazonaws.com

linkedin.canoa.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2600:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pendo-io-static.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:abfd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.canoa.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	canoa.app 1 redirects linkedin.canoa.app auth.canoa.app	1 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 pendo-io-static.storage.googleapis.com — Cisco Umbrella Rank: 26431 storage.googleapis.com — Cisco Umbrella Rank: 422	160 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 8726	52 KB
1	gstatic.com fonts.gstatic.com	37 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1006	143 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	26 KB
14	6

	Domain	Requested by
5	linkedin.canoa.app	linkedin.canoa.app
2	auth.canoa.app	1 redirects linkedin.canoa.app
1	storage.googleapis.com	auth.canoa.app
1	cdn.auth0.com	auth.canoa.app
1	fonts.gstatic.com	fonts.googleapis.com
1	pendo-io-static.storage.googleapis.com	cdn.pendo.io
1	fonts.googleapis.com	linkedin.canoa.app
1	cdn.pendo.io	linkedin.canoa.app
1	cdn.jsdelivr.net	linkedin.canoa.app
14	9

This site contains no links.

Subject Issuer	Validity	Valid
linkedin.canoa.app R3	`2022-06-23` - `2022-09-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
auth.canoa.app Cloudflare Inc ECC CA-3	`2022-03-17` - `2023-03-16`	a year	crt.sh
*.auth0.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.canoa.app/u/login?state=hKFo2SBjS0lYUk1rZW9HaE95Q083QVBQT1lXcktXanIxWWVJa6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDVTM2hJSm5qTi10X3BIeTVvRVhfVTZjbENOdUxqTHgxo2NpZNkgeEt5d212T2RqMWZVUHNySEdtZG80UXI0R0RhdVBNdFA
Frame ID: A4B473249DAF703A5C921E5B4982BA5B
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in | CANOA

Page URL History Show full URLs

https://linkedin.canoa.app/ Page URL
https://auth.canoa.app/authorize?audience=https%3A%2F%2Ffloat-api.canoa.app&client_id=xKywmvOdj1fUP... HTTP 302
https://auth.canoa.app/u/login?state=hKFo2SBjS0lYUk1rZW9HaE95Q083QVBQT1lXcktXanIxWWVJa6Fur3VuaXZlcn... Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

14
Requests

93 %
HTTPS

78 %
IPv6

6
Domains

9
Subdomains

10
IPs

2
Countries

1596 kB
Transfer

5862 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://linkedin.canoa.app/ Page URL
https://auth.canoa.app/authorize?audience=https%3A%2F%2Ffloat-api.canoa.app&client_id=xKywmvOdj1fUPsrHGmdo4Qr4GDauPMtP&redirect_uri=https%3A%2F%2Flinkedin.canoa.app&scope=openid%20profile%20email&response_type=code&response_mode=query&state=STJ2flUtWHhSV2ZscjNMZlUxd2h4M2hwZGRUOExTVXhDQUpzWFp1QTZoag%3D%3D&nonce=QUVnWlliZVRhRFhGajJyd0xPT1FLY0MwWVZVX2FxMW55Q25QaFk5c29iRw%3D%3D&code_challenge=1BkAx2M1gdhQWpWWYlD4xEYS5CMRo394FFHeY590Ajc&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS41LjAifQ%3D%3D HTTP 302
https://auth.canoa.app/u/login?state=hKFo2SBjS0lYUk1rZW9HaE95Q083QVBQT1lXcktXanIxWWVJa6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDVTM2hJSm5qTi10X3BIeTVvRVhfVTZjbENOdUxqTHgxo2NpZNkgeEt5d212T2RqMWZVUHNySEdtZG80UXI0R0RhdVBNdFA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
linkedin.canoa.app/ 5 KB
3 KB 378ms
103ms Document
text/html 52.204.242.176
AMAZON-AES

General

Domain/Path	Expires	Name / Value
auth.canoa.app/	1970-01-20 12:46:43	Name: did Value: s%3Av0%3A6c667890-f379-11ec-b2a6-e75c8a1fdf67.EhmZGktfwThmM2dmOhCXAQshc7FSmn7I%2BZNO04DU0fQ
auth.canoa.app/	1970-01-20 04:05:05	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQPsOaBAUeGMCvgIOC9r31bG0oI2-rB1IN09zQevMpsCkhshgsVDpCpuhpSVeI2uP6F-2QWWGHI4OXD7DBZuZtOGmY29va2llg6dleHBpcmVz1__fZfEAYrk3ga5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Gw1rAmQSzmgujwZ%2Flt4WEQHPscIX08pOHnqxAUTlwao
auth.canoa.app/	1970-01-20 12:46:43	Name: did_compat Value: s%3Av0%3A6c667890-f379-11ec-b2a6-e75c8a1fdf67.EhmZGktfwThmM2dmOhCXAQshc7FSmn7I%2BZNO04DU0fQ
auth.canoa.app/	1970-01-20 04:05:05	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQPsOaBAUeGMCvgIOC9r31bG0oI2-rB1IN09zQevMpsCkhshgsVDpCpuhpSVeI2uP6F-2QWWGHI4OXD7DBZuZtOGmY29va2llg6dleHBpcmVz1__fZfEAYrk3ga5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Gw1rAmQSzmgujwZ%2Flt4WEQHPscIX08pOHnqxAUTlwao

auth.canoa.app Open in urlscan Pro 2606:4700::6810:abfd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

78 %IPv6

6 Domains

9 Subdomains

10 IPs

2 Countries

1596 kBTransfer

5862 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

auth.canoa.app Open in urlscan Pro
2606:4700::6810:abfd Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

78 %
IPv6

6
Domains

9
Subdomains

10
IPs

2
Countries

1596 kB
Transfer

5862 kB
Size

4
Cookies

14 HTTP transactions
17 data transactions