link.eml.canvaspeople.com Open in urlscan Pro
216.48.114.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html
Submission Tags: phishing malicious Search All
Submission: On December 14 via api (December 14th 2020, 3:54:47 pm UTC) from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 216.48.114.234, located in Poughkeepsie, United States and belongs to XAND, US. The main domain is link.eml.canvaspeople.com.

This is the only time link.eml.canvaspeople.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	216.48.114.234 216.48.114.234	11383 (XAND) (XAND)
1	207.45.161.110 207.45.161.110	11383 (XAND) (XAND)
7	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
9	3

2 216.48.114.234 (Poughkeepsie, United States) 1 redirects

ASN11383 (XAND, US)
PTR: link.eml.canvaspeople.com

link.eml.canvaspeople.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.45.161.110 (Ossining, United States)

ASN11383 (XAND, US)
PTR: link.llifi.net

link.llifi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

static.eml.canvaspeople.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	canvaspeople.com 1 redirects link.eml.canvaspeople.com static.eml.canvaspeople.com	244 KB
1	llifi.net link.llifi.net	296 B
9	2

	Domain	Requested by
7	static.eml.canvaspeople.com	link.eml.canvaspeople.com
2	link.eml.canvaspeople.com	1 redirects
1	link.llifi.net	link.eml.canvaspeople.com
9	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html
Frame ID: 20A5144C30746B2DF7CCB06B1FEE22A9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

243 kB
Transfer

245 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://link.eml.canvaspeople.com/s/om?ei=h8427809&si=a923801508&s=y11214&t=81639492221000 HTTP 302
http://link.llifi.net/s/ua?s=11214&si=923801508&open=y

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request ve Show response link.eml.canvaspeople.com/s/	8 KB 3 KB	335ms 311ms	Document text/html	216.48.114.234 XAND
General Check archive.org Show headers Download Go to Full URL http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 216.48.114.234 Poughkeepsie, United States, ASN11383 (XAND, US), Reverse DNS link.eml.canvaspeople.com Software nginx/1.14.0 (Ubuntu) / Resource Hash `5c5cada78e0c0e2f2a577612d8f66bcac627ce5ddb23c5ace38d6f82f6ee89c8` Request headers Host link.eml.canvaspeople.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx/1.14.0 (Ubuntu) date Mon, 14 Dec 2020 15:54:29 GMT content-type text/html;charset=UTF-8 transfer-encoding chunked set-cookie JSESSIONID=807C5BEBF350ECE45AAA2D9294F34D97; Path=/; HttpOnly content-encoding gzip connection close
GET H/1.1	200 OK	ua link.llifi.net/s/ Redirect Chain http://link.eml.canvaspeople.com/s/om?ei=h8427809&si=a923801508&s=y11214&t=81639492221000 http://link.llifi.net/s/ua?s=11214&si=923801508&open=y	42 B 296 B	215ms 195ms	Image image/gif	207.45.161.110 XAND
General Check archive.org Show headers Download Go to Show image Full URL http://link.llifi.net/s/ua?s=11214&si=923801508&open=y Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 207.45.161.110 Ossining, United States, ASN11383 (XAND, US), Reverse DNS link.llifi.net Software nginx/1.14.0 (Ubuntu) / Resource Hash `99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Dec 2020 15:54:30 GMT server nginx/1.14.0 (Ubuntu) connection close content-length 42 content-type image/gif;charset=UTF-8 Redirect headers date Mon, 14 Dec 2020 15:54:30 GMT server nginx/1.14.0 (Ubuntu) p3p policyref="http://link.ixs1.net/w3c/p3p.xml", CP="NON CURa ADMa DEVa TAIi IVAi IVDi CONi OUR SAMi IND PHY ONL UNI COM NAV INT DEM PRE" location http://link.llifi.net/s/ua?s=11214&si=923801508&open=y cache-control no-cache, max-age=0 connection close content-type image/gif;charset=UTF-8 content-length 42
GET H/1.1	200 OK	2017-cp-email-template-holiday.gif static.eml.canvaspeople.com/site/11214/images/	9 KB 10 KB	177ms 6ms	Image image/gif	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/2017-cp-email-template-holiday.gif Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `350749bbaa9761eaaa2457965a837f752023e7abc5b22554d4a6d807af4a1cf7` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Wed, 29 Nov 2017 17:41:39 GMT Server keycdn-engine X-Edge-Location defr etag "5a1ef153-2520" X-Cache HIT Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/2017-cp-email-template-holiday.gif>; rel="canonical" Content-Length 9504 Expires Mon, 21 Dec 2020 15:54:30 GMT
GET H/1.1	200 OK	121220-eml-cp-us-199-11x14_01.jpg static.eml.canvaspeople.com/site/11214/images/	15 KB 15 KB	176ms 7ms	Image image/jpeg	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/121220-eml-cp-us-199-11x14_01.jpg Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `294beca39d7a1efc60dbe3559491750c53c979b5dc65d9cc9195b3312664f19b` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Wed, 09 Dec 2020 21:59:16 GMT Server keycdn-engine X-Edge-Location defr etag "5fd148b4-3b47" X-Cache HIT Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/121220-eml-cp-us-199-11x14_01.jpg>; rel="canonical" Content-Length 15175 Expires Mon, 21 Dec 2020 15:54:30 GMT
GET H/1.1	200 OK	121220-eml-cp-us-199-11x14_02.jpg static.eml.canvaspeople.com/site/11214/images/	79 KB 79 KB	176ms 7ms	Image image/jpeg	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/121220-eml-cp-us-199-11x14_02.jpg Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `392f3fe1853e820dc852f3401afc26952502189ad1388450aa244422abaed9fa` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Wed, 09 Dec 2020 21:59:17 GMT Server keycdn-engine X-Edge-Location defr etag "5fd148b5-13aa6" X-Cache HIT Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/121220-eml-cp-us-199-11x14_02.jpg>; rel="canonical" Content-Length 80550 Expires Mon, 21 Dec 2020 15:54:30 GMT
GET H/1.1	200 OK	121220-eml-cp-us-199-11x14_03.jpg static.eml.canvaspeople.com/site/11214/images/	28 KB 29 KB	177ms 8ms	Image image/jpeg	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/121220-eml-cp-us-199-11x14_03.jpg Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `401884460e579449db32e42f4381596aac08694c62da50575f1e6734c42d30c8` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Wed, 09 Dec 2020 21:59:17 GMT Server keycdn-engine X-Edge-Location defr etag "5fd148b5-7124" X-Cache HIT Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/121220-eml-cp-us-199-11x14_03.jpg>; rel="canonical" Content-Length 28964 Expires Mon, 21 Dec 2020 15:54:30 GMT
GET H/1.1	200 OK	121220-eml-cp-us-199-11x14_04.jpg static.eml.canvaspeople.com/site/11214/images/	98 KB 99 KB	176ms 7ms	Image image/jpeg	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/121220-eml-cp-us-199-11x14_04.jpg Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `d68fd6cd133c6ae04ee61d43e8f625445248d3f3fd78c36173165bba7ab4817f` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Wed, 09 Dec 2020 21:59:17 GMT Server keycdn-engine X-Edge-Location defr etag "5fd148b5-189e3" X-Cache HIT Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/121220-eml-cp-us-199-11x14_04.jpg>; rel="canonical" Content-Length 100835 Expires Mon, 21 Dec 2020 15:54:30 GMT
GET H/1.1	200 OK	facebook.jpg static.eml.canvaspeople.com/site/11214/images/	3 KB 4 KB	186ms 7ms	Image image/jpeg	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/facebook.jpg Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `285fbf79b8a122d2eff89feb71ad3c1dcb3c910b59fcc9e0d1ffaf5736de6ff7` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Thu, 21 Nov 2019 21:48:01 GMT Server keycdn-engine X-Edge-Location defr etag "5dd70611-dbd" X-Cache HIT Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/facebook.jpg>; rel="canonical" Content-Length 3517 Expires Mon, 21 Dec 2020 15:54:30 GMT
GET H/1.1	200 OK	instagram.jpg static.eml.canvaspeople.com/site/11214/images/	4 KB 5 KB	86ms 6ms	Image image/jpeg	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL http://static.eml.canvaspeople.com/site/11214/images/instagram.jpg Requested by Host: link.eml.canvaspeople.com URL: http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html Protocol HTTP/1.1 Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash `37c6093fde5a8aa35616a4c257d0f80f08cb9a51ccbbf8876ff8c2873dca6c81` Request headers Referer http://link.eml.canvaspeople.com/s/ve?eli=h8427809&si=a923801508&cfc=3html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 14 Dec 2020 15:54:30 GMT last-modified Thu, 21 Nov 2019 21:48:01 GMT Server keycdn-engine X-Edge-Location defr etag "5dd70611-104e" X-Cache HIT Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Link <http://link.ixs1.net/site/11214/images/instagram.jpg>; rel="canonical" Content-Length 4174 Expires Mon, 21 Dec 2020 15:54:30 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.eml.canvaspeople.com/	1970-02-13 11:10:33	Name: gactivity.11214 Value: 923801508.0.0.0.0.0.0.120.1607961270093.-909891991
			link.eml.canvaspeople.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 807C5BEBF350ECE45AAA2D9294F34D97

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

link.eml.canvaspeople.com
link.llifi.net
static.eml.canvaspeople.com
207.45.161.110
216.48.114.234
2a0b:4d07:102::1
285fbf79b8a122d2eff89feb71ad3c1dcb3c910b59fcc9e0d1ffaf5736de6ff7
294beca39d7a1efc60dbe3559491750c53c979b5dc65d9cc9195b3312664f19b
350749bbaa9761eaaa2457965a837f752023e7abc5b22554d4a6d807af4a1cf7
37c6093fde5a8aa35616a4c257d0f80f08cb9a51ccbbf8876ff8c2873dca6c81
392f3fe1853e820dc852f3401afc26952502189ad1388450aa244422abaed9fa
401884460e579449db32e42f4381596aac08694c62da50575f1e6734c42d30c8
5c5cada78e0c0e2f2a577612d8f66bcac627ce5ddb23c5ace38d6f82f6ee89c8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
d68fd6cd133c6ae04ee61d43e8f625445248d3f3fd78c36173165bba7ab4817f

link.eml.canvaspeople.com Open in urlscan Pro 216.48.114.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

243 kBTransfer

245 kBSize

2 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Indicators

link.eml.canvaspeople.com Open in urlscan Pro
216.48.114.234 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

243 kB
Transfer

245 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions