app-aafv23hvbd0.canva-apps.com
Open in
urlscan Pro
2606:4700:4400::6812:2544
Public Scan
URL:
https://app-aafv23hvbd0.canva-apps.com/app-sandbox/editor/AAFv23HvBd0/9
Submission: On August 23 via manual from US — Scanned from US
Submission: On August 23 via manual from US — Scanned from US
Summary
This website contacted 3 IPs
in 1 countries
across 3 domains to perform 14 HTTP transactions.
The main IP is 2606:4700:4400::6812:2544, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is app-aafv23hvbd0.canva-apps.com.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time app-aafv23hvbd0.canva-apps.com was scanned on urlscan.io!
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time app-aafv23hvbd0.canva-apps.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 2606:4700:440... 2606:4700:4400::6812:2544 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 10 | 2606:4700::68... 2606:4700::6810:6770 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 34.120.195.249 34.120.195.249 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 14 | 3 |
1
2606:4700:4400::6812:2544
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| app-aafv23hvbd0.canva-apps.com |
3
34.120.195.249
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
| o13855.ingest.sentry.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
canva.com
static.canva.com — Cisco Umbrella Rank: 10487 |
197 KB |
| 3 |
sentry.io
o13855.ingest.sentry.io — Cisco Umbrella Rank: 10571 |
453 B |
| 1 |
canva-apps.com
app-aafv23hvbd0.canva-apps.com |
6 KB |
| 14 | 3 |
| Domain | Requested by | |
|---|---|---|
| 10 | static.canva.com |
app-aafv23hvbd0.canva-apps.com
static.canva.com |
| 3 | o13855.ingest.sentry.io |
static.canva.com
|
| 1 | app-aafv23hvbd0.canva-apps.com | |
| 14 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| canva-apps.com WE1 |
2024-07-29 - 2024-10-27 |
3 months | crt.sh |
| canva.com WE1 |
2024-07-16 - 2024-10-14 |
3 months | crt.sh |
| ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-02 - 2024-12-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://app-aafv23hvbd0.canva-apps.com/app-sandbox/editor/AAFv23HvBd0/9
Frame ID: 086EB626AA57E9852CEBFF47C1989C0D
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
9
app-aafv23hvbd0.canva-apps.com/app-sandbox/editor/AAFv23HvBd0/ |
11 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
45538c8f39361e94.ltr.css
static.canva.com/web/ |
5 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
21b27811bf8ea7f3.strings.js
static.canva.com/web/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d0c4c57b07312f5d.runtime.js
static.canva.com/web/ |
8 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
69cbc9758aaab228.vendor.js
static.canva.com/web/ |
190 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
da305a7a2b875b86.vendor.js
static.canva.com/web/ |
114 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c7a58656f362f42f.js
static.canva.com/web/ |
213 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7.16.0.min.js
static.canva.com/static/lib/sentry/ |
54 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
o13855.ingest.sentry.io/api/4504534241312768/envelope/ |
2 B 56 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6b887ca28c1af6e4.js
static.canva.com/web/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4e7c8e965f7394d7.js
static.canva.com/web/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
o13855.ingest.sentry.io/api/4504534241312768/envelope/ |
2 B 299 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
o13855.ingest.sentry.io/api/4504534241312768/envelope/ |
41 B 98 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon-1.ico
static.canva.com/static/images/ |
4 KB 4 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| __canva_public_path__ object| bootstrap object| cmsg boolean| __batch_chunks__ object| Sentry object| __SENTRY__ object| BUILD_VARIABLES object| webpackChunk_canva_web object| _fe4d99ebe0d2d259646a80d250150d47 number| __mobxInstanceCount object| __mobxGlobals5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| app-aafv23hvbd0.canva-apps.com/ | Name: CDI Value: 64941244-fa15-4bcb-a7cc-57422e2da7f5 |
|
| app-aafv23hvbd0.canva-apps.com/ | Name: CPA Value: cnvantNIJ6audbCHB98As2XOghEFoJWMJwLbYJjbM_5uVPYoOS-IiGu_zscu_l2bDQF6yAmR0OELntA9pTM9aiXDOD8T0vmzrOGXafIzeB4lIz-UFxTMUQNbmLaqR0kdCjKwJeskeDkvXhhC2PbdQmVnfNR4k-kTtbyaTuC6hiqYDf_M-i5SaUiX3cuBO8Q1ab0aBBLh4QTTCJgY43WNDK5Kb-Q8y_FUwolnMVaIIvlir7GbDKYOXIL2c29NmILYHZJaqFJSe94f8ue3MQN86k3NSXTkS4i60syQWRc1gI_eGD7XRzA1XlJmXrOThibKqriog5iPxFTWw2-QsOzVLwjNF3IOJwx6jzyz0MGgdHHQlw4p5jwOT7fdee269 |
|
| app-aafv23hvbd0.canva-apps.com/ | Name: CCK Value: mQEcoaz3yhQpJMdl5xs_aQ |
|
| .canva.com/ | Name: __cf_bm Value: 11eg.i77bXeWwBP6L9c0.w1rswSYpVOsHfEAdAp4aGw-1724418707-1.0.1.1-vD.h6gOj0wExo9MFrHICkBSvIfvlfTLvnTYvo_kon_RAtmlswgycqmitKd5eI6llLSM3k1raJQIXXY8NAGzYtw |
|
| .canva.com/ | Name: _cfuvid Value: LHsWKGdR5QxfZrwxw7PEb8V0p_71oRBp3xxnRMCAD7o-1724418707801-0.0.1.1-604800000 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | base-uri 'none'; child-src 'none'; connect-src https://telemetry.canva.com/v1/traces wss: https://o13855.ingest.sentry.io https: data:; default-src 'none'; font-src https://static.canva.com https: data:; form-action 'none'; frame-ancestors http://127.0.0.1:* https://*.canva.com http://localhost:* https://127.0.0.1:* https://localhost:*; frame-src 'none'; img-src blob: https://static.canva.com https: data:; media-src blob: https://static.canva.com https: data:; object-src 'none'; script-src https://thirdparty-public-apps.canva-apps.com/v2/BAFv26eOw7w/UAFv24BNmWQ/AAFv23HvBd0/8/js/c121906c-eaf0-4095-a331-edde774648b8.js https://static.canva.com 'wasm-unsafe-eval' 'nonce-nh70LGZmUSPG641A+6UI7g'; style-src 'unsafe-inline' https://static.canva.com; worker-src 'none' |
| Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app-aafv23hvbd0.canva-apps.com
o13855.ingest.sentry.io
static.canva.com
2606:4700:4400::6812:2544
2606:4700::6810:6770
34.120.195.249
030bdef35a45ce58cb4f6d419ea7482fdd35ad0dac5efba53872bb75e9f08a42
0bf820acff5af2b48c1de7c014b3b06447ca4036780fad8b6d97df8e5a8f5864
1107b6355def75038f3a2a66f232b5dda6c9190da6c1b9e208c49db972febe5e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
58c8ac7f23b678205829b25b2a3c72d2b8e200f58a61febe0a7b67ade7c00426
82408088cfd67b9901f6d5a69737a58c6bb673053d51bc01769e974f7ce6a22c
bafd00fe01be7001054367e08de2836aaaa01b8601b6a193649d9cea1ec921e6
bb7cff85c90aa9f24373f0bd425a6d931a41b382fe72859c0224dfc7f361f9dd
c176f66163af08086420901802c42029bb2a04c89c09e1d633197d03fd943217
c6de703f8ee214808496dcd92795ac8971782935ed75abdd5624c814e69daaea
cbf8f3c57f5b69a6fb24de71ea07ace224564028e15d8735a826698740e6d6ac
e54eafb367a7b91c2b995d0e98c6173afaacef1d67defdcb84334de658eeafc6
ec2fbad47e598fe06c7a2b825224b3b1b8d8221f3002e6370e627d459ff0634a