URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Submission: On October 18 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 23 HTTP transactions. The main IP is 104.17.114.17, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.canva.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2021. Valid for: a year.
This is the only time www.canva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 104.17.114.17 13335 (CLOUDFLAR...)
1 142.250.186.106 15169 (GOOGLE)
1 104.16.95.65 13335 (CLOUDFLAR...)
3 34.120.195.249 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
23 5
Domain Requested by
11 static.canva.com www.canva.com
static.canva.com
6 www.canva.com www.canva.com
static.canva.com
3 o13855.ingest.sentry.io static.canva.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com www.canva.com
1 fonts.googleapis.com www.canva.com
23 6

This site contains no links.

Subject Issuer Validity Valid
canva.com
Cloudflare Inc ECC CA-3
2021-08-08 -
2022-08-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.ingest.sentry.io
R3
2021-08-25 -
2021-11-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 1 frames:

Primary Page: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Frame ID: C1157299388C9519E6E91C7CEE9145E9
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

You are about to leave Canva!

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

320 kB
Transfer

823 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request link
www.canva.com/
10 KB
5 KB
Document
General
Full URL
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb29d3f650631eca05f5adb1db9c3a197f8cb88dcab8e4398eff99d0641855f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.canva.com
:scheme
https
:path
/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-type
text/html;charset=utf-8
cf-ray
6a044aed0f4d218d-DUS
cache-control
no-cache, no-store
content-language
de-DE
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
CDI=b7894d27-419b-45c7-b067-c5e10324e135; Path=/; Expires=Tue, 18-Oct-2022 19:49:55 GMT; Max-Age=31536000; Secure; HttpOnly; SameSite=None CPA=ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8; Path=/; Expires=Mon, 18-Oct-2021 22:49:55 GMT; Max-Age=10800; Secure; HttpOnly; SameSite=None CCK=aRdwBcvjA9Nz1R6Kxzoczg; Path=/; Expires=Mon, 18-Oct-2021 22:49:55 GMT; Max-Age=10800; Secure; HttpOnly; SameSite=None __cf_bm=_ASSbVn20oNBI73e.CNkhyXrITB7_2qI6N9.TssjjtQ-1634586595-0-AUPgyALWXAzOIyNam70bEsIR9LTVWeTPFgdEQsdYp94XQJKYx55S0cG8GkXlfBQ6GYxR3dmCnI//mO/MmkJhWR8=; path=/; expires=Mon, 18-Oct-21 20:19:55 GMT; domain=.canva.com; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'none';
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-request-id
6a044aed0f4d218d
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=532SB%2FLnsy85Bxgi7YhI1ImVFaaKVu4Cyq2M6Y8q%2FN4hAH%2Fy5HxegzKkRTufk3b4Vq5HvcACz46wBKZPDg2JQAR6oEGYAZ1I6oAfwMcfLxcYdHkhLGRddqoRUlMuZEY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
c8a9d4ed3242d1451480.runtime.js
static.canva.com/web/
5 KB
3 KB
Script
General
Full URL
https://static.canva.com/web/c8a9d4ed3242d1451480.runtime.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2c36a73b57bd541f2c009cc93b9212d0f9476702fdae4fe864d3e5fc0bbcef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canva.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
438072
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
4AMK090G61Z2S9ST
x-amz-id-2
feAj/So6aJkB/bTsu/YZ7utU6NXlEOE7uIg6j3f8w/ZZ9qdh37DGQo2ZuOdvtm+Wl5/64IY3Cuw=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Fri, 14 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Wed, 13 Oct 2021 00:49:49 GMT
server
cloudflare
etag
W/"8a4692124d18d0ff218516e0fa524cfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiPmhttIJXn7SDG7p%2BnJZBv8a5KblEKYyQ8vIaTqKOTUzo6QgNFk%2ByhBuNBfKFHV5wZ4B4qIKHn5jCzkWu6Ig4HbutCS8zFn83ECkIgA8xKZ7TxVRgATrE7SyU4O7efsQVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
dtjFrdf4arcyYuyugLconZUXZdwHed38
cf-ray
6a044aeecd152181-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
160bef0212cd22c79f6d.vendor.js
static.canva.com/web/
186 KB
62 KB
Script
General
Full URL
https://static.canva.com/web/160bef0212cd22c79f6d.vendor.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b12f44fde3099950e5705cdb10cafa95131ff43ebe326f624e078eb299dc0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canva.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
645930
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P98Q81WCZPQHQDNY
x-amz-id-2
RG6V1hpsMah/wdN1JcwjJBguDLI3x/K6xggAClKp536kpGFHjAOZhEWH4IdqwVgX12FwOv7+DAg=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Sun, 09 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Fri, 08 Oct 2021 00:33:33 GMT
server
cloudflare
etag
W/"af0d784b7062dd1783842c2df4840be4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnnNMhuOaveZS6dak1ijKpwAFsG5qu3vsdYJi6M3YwuZuzns2lP1nMEFL1xUnzJElEFZrKJxgFXGimXlGuzKL%2BIEpP7wzL%2FWWF%2FRqLNvZD2%2FB14J%2Bp5kgy%2FGSIfIQVgn1QU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
8DypYzkFM5QXjeE7hq.7JHPML_sx8VP_
cf-ray
6a044aeecd162181-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
482a3896debc3dd1681f.vendor.js
static.canva.com/web/
119 KB
37 KB
Script
General
Full URL
https://static.canva.com/web/482a3896debc3dd1681f.vendor.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acdfba6e9f0231751474a21dc075166f05c65d48a42b5b29c48f220f2b7ba1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canva.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
645930
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P98Z07D93CE3NBBH
x-amz-id-2
7WRlikr7J7I8FcA7543EIVQaYGBK289VL8SFlh0tusqCccXrpR+YKuVhb9QnU6GXI5i6JUERYQ4=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Sun, 09 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Fri, 08 Oct 2021 00:33:33 GMT
server
cloudflare
etag
W/"622dfed4b006d327200d82a98cdf0d53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysKgu8rQ71DKmryLFM4t8lcMYz5ZsFZJwitMnSWOg6TlsbkwVQbmOhbV6Zv8wf%2FNbpCMoJVVA7nMaxeSdwrrEGjQtTzTO9KzI5ly2T26b%2FQNDnzjVSIlVYeiRSJZRydwpcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
gwxgGitTDGo8FBqcxet.E7XS8iC.wmiu
cf-ray
6a044aeecd182181-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
36928f2e8160eea0c9f8.js
static.canva.com/web/
148 KB
51 KB
Script
General
Full URL
https://static.canva.com/web/36928f2e8160eea0c9f8.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33cc61af5f64c62ebfa1d249884376942cecfd0c37ed8591d7c6afbe1268d554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canva.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
383201
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
8G0A2V1WCWFND2G4
x-amz-id-2
oD+HkGUKVLHtllmKPwr8i3GyGgrK2zuI6quQ+WO4RS7AN9SBglR5fN3+C0Obm/98TltDjk/5BoY=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Sat, 15 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Thu, 14 Oct 2021 00:38:25 GMT
server
cloudflare
etag
W/"6bd9a49221d4543ebe67ea85f3e39a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR5wsO7%2FfrIqENTIlga78MXyek54lgX3mzKtA7Sywj3W3SULoGsqArrpS8aXT5JfMrkWCnJGYaWIGytK0afPPoyAXTOPMuZ1MyfzEaEpS%2F7PRZlrK%2F0lRO4t9Faf3NIvNyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
U2izEXfQBiAiNGPUIgPdP9NtPj7zBOwX
cf-ray
6a044aeecd1b2181-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
e5681129bc3e63270b03.v2.ltr.css
static.canva.com/web/
36 KB
10 KB
Stylesheet
General
Full URL
https://static.canva.com/web/e5681129bc3e63270b03.v2.ltr.css
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc7a305508a4ed9627fdfa4462d2eb4252ea7f3c246c251c4e42267852289e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canva.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
645930
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
18G53EV6WVHVGZ9V
x-amz-id-2
t9BYI5G3qaF8MKP7hMkVTqYt5Km6ODUDpBUltnmwRv6aMA4Up54i8ox5TBuu+SAgK5W0g0jTU5k=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Fri, 30 Sep 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Wed, 29 Sep 2021 03:29:18 GMT
server
cloudflare
etag
W/"1e1f1a132372abcfc17f715b4b38861c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1hsfTzAL7Z8MI4UKJSOaKSJKIXgxzFqcymoBgywLyncEKnOGh9ZYKt9PuNISMzTOeXDoWzFMKbFJw8GV8q%2FMbS1tw0p%2FxIsdbap5XQ4Rd0Q7vwWedlMAfftVbMbVj2Hec0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
ELVLamaYUjBXj_uUqNsMvGToJ8gOl2B8
cf-ray
6a044aeecd122181-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
2270da8734cf142d292fe4ca47d345a192426f153f0b581e3f39264726eff69d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 19:18:39 GMT
server
ESF
date
Mon, 18 Oct 2021 19:49:55 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 18 Oct 2021 19:49:55 GMT
6.7.1.min.js
static.canva.com/static/lib/sentry/
67 KB
22 KB
Script
General
Full URL
https://static.canva.com/static/lib/sentry/6.7.1.min.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e80c26f44fbd5a47f01b2d919ac26b69ef774b04a80ecd344f405f9aa321a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8790225
x-amz-server-side-encryption
AES256
x-amz-meta-vary
Origin
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
W84NFY49WYQFG54Q
x-amz-id-2
ywV5lKoZpo829wP3B38HAMg1Op3Zuw2Uytj8G1a6uWj0GQpknNsqLV5hyUUvHGGSMCKQER6S0C0=
timing-allow-origin
https://www.canva.com
last-modified
Wed, 07 Jul 2021 22:20:57 GMT
server
cloudflare
etag
W/"85b5d7daf7ef66c26e50332a0625f4d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwCx82WP2Mqmm2kWwmFGUR9tl0a4VGCQzI%2BfRia%2Bct7qLzvzwMHG51h2CSw7VUO%2F5aEYQZOJ7W5jz1bcLWnhbkSaVIiEISExZhDonVCC5iR8oBBVl1xg2FDkXQVdiLruzD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31556926
x-amz-version-id
uFTZh31KkthlnKnHyFcxacLJLrpmhPt1
cf-ray
6a044aee9d1c218d-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
api.js
www.canva.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://www.canva.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
cookie
CDI=b7894d27-419b-45c7-b067-c5e10324e135; CPA=ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8; CCK=aRdwBcvjA9Nz1R6Kxzoczg; __cf_bm=_ASSbVn20oNBI73e.CNkhyXrITB7_2qI6N9.TssjjtQ-1634586595-0-AUPgyALWXAzOIyNam70bEsIR9LTVWeTPFgdEQsdYp94XQJKYx55S0cG8GkXlfBQ6GYxR3dmCnI//mO/MmkJhWR8=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.canva.com
referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TetWf%2BFU9ckZWBHLEV8PSTjcH6Oh9pKQAz25mopmgAzI3aG1J4GsMtLPN5IKnAMkFO5vPwX8xJN2g8dIQxo0JCAzBz8pyLy%2BFNoCirgzfN53pyE%2B9T4O8I%2B9czmGknA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6a044aef2ea6218d-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ff7bc3fdf65dae50abf9d66cfb7437549255fb84.strings.js
static.canva.com/web/
2 KB
2 KB
Script
General
Full URL
https://static.canva.com/web/ff7bc3fdf65dae50abf9d66cfb7437549255fb84.strings.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4888962f9dd1056d8b7d9f83eae44ef4a76ade814df3695e8126eac8ea73f828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canva.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
46910
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
QHJ92FKH3M7BR0GW
x-amz-id-2
16W6POB3H393cOw3HeoRwfNoUWnhR0EgqLr3HG87UExD6jdWCi5RL+GTMoDH6rctrfLp3ms1roo=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Thu, 29 Sep 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Tue, 28 Sep 2021 02:30:46 GMT
server
cloudflare
etag
W/"600b49d24062e031c95ab8ade49e79e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpVpqUcU491f7LtYg%2B39I5eOoYqlBY8auheQAfPqN3jGuigX72uljV%2BVJtAhpSzGvU8zynCDZIN7DkMKBON7moPg3woe495dJVwGzYy8M8rDTm5%2FxIUNLDS2HAW8fCPNgNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
KWeINsMZ9UEwSEQ.2SHeeLzUAJb7oIVN
cf-ray
6a044aeecd1c2181-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
beacon.min.js
static.cloudflareinsights.com/
13 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6a044aef59f42193-DUS
/
o13855.ingest.sentry.io/api/5403944/envelope/
2 B
244 B
Fetch
General
Full URL
https://o13855.ingest.sentry.io/api/5403944/envelope/?sentry_key=c50fa9f3bfcc4ee3bd4a5eca6add3a1b&sentry_version=7
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.canva.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.canva.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o13855.ingest.sentry.io/api/5403944/envelope/
2 B
103 B
Fetch
General
Full URL
https://o13855.ingest.sentry.io/api/5403944/envelope/?sentry_key=c50fa9f3bfcc4ee3bd4a5eca6add3a1b&sentry_version=7
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.canva.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.canva.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o13855.ingest.sentry.io/api/5403944/envelope/
2 B
102 B
Fetch
General
Full URL
https://o13855.ingest.sentry.io/api/5403944/envelope/?sentry_key=c50fa9f3bfcc4ee3bd4a5eca6add3a1b&sentry_version=7
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.canva.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.canva.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
d4d9c5da2aea73a9e781.js
static.canva.com/web/
2 KB
2 KB
Script
General
Full URL
https://static.canva.com/web/d4d9c5da2aea73a9e781.js
Requested by
Host: static.canva.com
URL: https://static.canva.com/web/c8a9d4ed3242d1451480.runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7400bbc478c16bca6a3b04ca2bad8087b2fa92eda6f613462e7536763692b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
438072
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Y2YNK166F392F6ER
x-amz-id-2
8pN//q/oI6Qh6XYOxU1MqNF+Z3OR4pW+XwwB3QBlbyE/aGbxkzdMHa2Urs5Z+Mluvmgz9pZAutA=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Fri, 14 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Wed, 13 Oct 2021 00:49:49 GMT
server
cloudflare
etag
W/"7b56763e1fa54a6a2ff727aeeb328752"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9TzOnFzxHdwSXxH%2BFfm%2FxCaCP6kB2RNf%2Balf17FLSR%2B7VaZfLX%2BM13tW84eD23cuq4niRV64GVPieVdmOUj5Zat%2Fncqfh7jhmQrkJS1ZStPUoKg0fyq1sjGqajuAb9RiOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31556926
x-amz-version-id
wxYRTy0bfe9N5zMPDBDAox8nSkFJ_pmY
cf-ray
6a044aef89eefadc-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
8473e9637b0ec7bcbcb5.vendor.js
static.canva.com/web/
130 KB
47 KB
Script
General
Full URL
https://static.canva.com/web/8473e9637b0ec7bcbcb5.vendor.js
Requested by
Host: static.canva.com
URL: https://static.canva.com/web/c8a9d4ed3242d1451480.runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502cead59de72cffd1e6fb6a1f712e7dd06fcef66781e651a92f3c1f45c1967d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
530456
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
NX789HMCWH0XWP8A
x-amz-id-2
zo91zisoe/wvRvus7Zz2wlUru9kOSBX5bDXjsHIuDuojwe3qabqZ0aJ0mAMZrUON92SsB1wcLCs=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Thu, 13 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Tue, 12 Oct 2021 01:00:57 GMT
server
cloudflare
etag
W/"dcbd96dc2dc1bb20401f033556c67f01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYhCt0Sh%2BJL7Jpv64O7uB9SkLs5HwmBrMMNUES7c4PpXEBvc0SASho04O5SE0NJSfDPvrBKvAeK1%2BKRiuITfw1fHWdXMFGp8jY0cYaT8ImIjpbqici6kT4jEx2ZaPo3E8%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31556926
x-amz-version-id
4m.pSrNniPpwNWNcl2yBu2OEwvvva9pG
cf-ray
6a044aef89f2fadc-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
16445ecd165c7fbd01ec.js
static.canva.com/web/
5 KB
3 KB
Script
General
Full URL
https://static.canva.com/web/16445ecd165c7fbd01ec.js
Requested by
Host: static.canva.com
URL: https://static.canva.com/web/c8a9d4ed3242d1451480.runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3593dbaa792ed8459de30995d14cdf494c35c66cc35f00b9f71124eb0165b1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
438072
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Y2YR6C8WACR3HQEK
x-amz-id-2
/GmrySyNNUN8HdUuSoCAiNWwvoAs5otT2XjDEB2RVHhb63/MzVftWhflrG+LPaPxZRVb+NCHnMw=
timing-allow-origin
https://www.canva.com
x-amz-expiration
expiry-date="Fri, 14 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Wed, 13 Oct 2021 00:49:48 GMT
server
cloudflare
etag
W/"8faf2eef8ff3af2643bb03288af370f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6FP3Ukd3X%2FSp4zIlOvELwbfd%2Bk8Hc7lFSCwWsyyVi075e2FQKByS1S2lTzQ7GH8JflLr0aXnUR4CYB9WMCMfGLkr86PhH2kh3ioT8UVVlDolFvw67P9LuKRYxUMx3gRqMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31556926
x-amz-version-id
mKLkBwpBFi2gjE.lIw6aoJLxr.hPO_ho
cf-ray
6a044aef89f4fadc-DUS
expires
Wed, 19 Oct 2022 01:38:41 GMT
987f19e4e8c6953703d6df5ca9a8b5a1.png
static.canva.com/web/images/
12 KB
14 KB
Image
General
Full URL
https://static.canva.com/web/images/987f19e4e8c6953703d6df5ca9a8b5a1.png
Requested by
Host: www.canva.com
URL: https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a68af230a0cffb499c06c471404bb898bc2ca1d9048e6d4684ab8d1b70f630b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.canva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
645930
cf-polished
origFmt=png, origSize=19592
cf-ray
6a044aefaa42fadc-DUS
content-type
image/webp
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="987f19e4e8c6953703d6df5ca9a8b5a1.webp"
cf-bgj
imgq:85,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12792
x-amz-id-2
ddVfKQ0hBksElnMEtoi7JxfJCloIEaxpQkCsFIavAFlLm9ksPo4A4M4oG/X+pqdOWmykodIKmTg=
x-amz-server-side-encryption
AES256
x-amz-expiration
expiry-date="Sat, 08 Oct 2022 00:00:00 GMT", rule-id="Cleanup objects in web/ older than 1 year"
last-modified
Thu, 07 Oct 2021 00:19:11 GMT
server
cloudflare
etag
"987f19e4e8c6953703d6df5ca9a8b5a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7iZlTxid%2FZJATKD0RhSua5vtm2qmNlhvtF2f2cWfbNmVjnDyIYk6JG56Rxc%2F6QX1AeiN%2FEKJtaf0PM%2B6hAQMmsZcYEkbOnrs5Wzfky6nDB6hSWOq3HQ9A5EPrSzpiwwoG0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ED5EFZH30223S583
vary
Accept, Origin, Accept-Encoding
cache-control
public, max-age=31556926
x-amz-version-id
_4aY2g7djgTm2Jl1SKZlc1.TdhQ1hWSr
accept-ranges
bytes
timing-allow-origin
https://www.canva.com
expires
Wed, 19 Oct 2022 01:38:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.canva.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
355524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 17:04:31 GMT
ae
www.canva.com/_ajax/csrf3/
137 B
924 B
XHR
General
Full URL
https://www.canva.com/_ajax/csrf3/ae
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a98edf76fddda4197a4bda305d2bc688c4ba1a4112dc7b7a1fabb98f5c94cdf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

x-canva-brand
BAAAAAAAAAA
sec-fetch-mode
cors
x-canva-build-sha
3a031b1dfd12767ab34aad3357dda20e7c3a47e3
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
CDI=b7894d27-419b-45c7-b067-c5e10324e135; CPA=ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8; CCK=aRdwBcvjA9Nz1R6Kxzoczg; __cf_bm=_ASSbVn20oNBI73e.CNkhyXrITB7_2qI6N9.TssjjtQ-1634586595-0-AUPgyALWXAzOIyNam70bEsIR9LTVWeTPFgdEQsdYp94XQJKYx55S0cG8GkXlfBQ6GYxR3dmCnI//mO/MmkJhWR8=
x-canva-locale
de-DE
:path
/_ajax/csrf3/ae
pragma
no-cache
x-canva-app
malicious_links
x-canva-analytics
AAMAA1dFQgA=
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.canva.com
referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
:scheme
https
sec-fetch-site
same-origin
x-canva-build-name
20211014-21
:method
GET
X-Canva-Brand
BAAAAAAAAAA
X-Canva-App
malicious_links
X-Canva-Build-Sha
3a031b1dfd12767ab34aad3357dda20e7c3a47e3
Accept-Language
de-DE,de;q=0.9
X-Canva-Analytics
AAMAA1dFQgA=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
X-Canva-Locale
de-DE
X-Canva-Build-Name
20211014-21

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6a044aefeac2fadc
pragma
No-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6WxVyd0%2BIBaITH0orezwz29Lw3vgoTkgcojTZ1pKH8YzCebbcJ2jSH6XR8N0RRuEs4u%2BlWf4bM9DR1X9CN%2FYV2SX%2BooeMEl5etL7Dos1zRn1jEEApJaSmjlYnNC%2BKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding, User-Agent
cache-control
no-cache, no-store
set-cookie
__cfruid=fe40f968c30ea57bb7867e68af66bf6bdeda8c3b-1634586595; path=/; domain=.canva.com; HttpOnly; Secure; SameSite=None
cf-ray
6a044aefeac2fadc-DUS
expires
Thu, 01 Jan 1970 00:00:00 GMT
result
www.canva.com/cdn-cgi/bm/cv/
0
793 B
XHR
General
Full URL
https://www.canva.com/cdn-cgi/bm/cv/result?req_id=6a044aed0f4d218d
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.canva.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
CDI=b7894d27-419b-45c7-b067-c5e10324e135; CPA=ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8; CCK=aRdwBcvjA9Nz1R6Kxzoczg; __cf_bm=_ASSbVn20oNBI73e.CNkhyXrITB7_2qI6N9.TssjjtQ-1634586595-0-AUPgyALWXAzOIyNam70bEsIR9LTVWeTPFgdEQsdYp94XQJKYx55S0cG8GkXlfBQ6GYxR3dmCnI//mO/MmkJhWR8=
content-length
508
:path
/cdn-cgi/bm/cv/result?req_id=6a044aed0f4d218d
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.canva.com
referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXVUfhe3EkLt508oKdXdnTIyqE%2F5t9lntpSA31M8GcFypMTDoWJuoRlZOVQvX3aMUi1%2Foi4hF3NqxxWnGfg3N647zZEfsoGc%2ByhJz7T8iR09QBjBQy7tTZa0Cwt76BE%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
set-cookie
__cf_bm=Fjv1Qe2Iei3M0fKRcUowHE2s9QYC2LsX645QMvItfRU-1634586595-0-AeOxc2dBoMQTRB+CRcyjP9s30rYpUUMyFN7Nd+lmyPK0/QiiW3UN83WUHEd3whGU3wzli0PJ8ifKEjvsE+xffxnoP2u4L8+F1oHpPu0k6fa5UDxQiRcV9RJ03HySd97DYEHmVDRLBBxjYPsJIXtzDuIWvBMRtbmJ/5+r0glesB+j; path=/; expires=Mon, 18-Oct-21 20:19:55 GMT; domain=.canva.com; HttpOnly; Secure; SameSite=None
cf-ray
6a044af04baafadc-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rum
www.canva.com/cdn-cgi/
0
165 B
XHR
General
Full URL
https://www.canva.com/cdn-cgi/rum?
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.canva.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
CDI=b7894d27-419b-45c7-b067-c5e10324e135; CPA=ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8; CCK=aRdwBcvjA9Nz1R6Kxzoczg; __cf_bm=_ASSbVn20oNBI73e.CNkhyXrITB7_2qI6N9.TssjjtQ-1634586595-0-AUPgyALWXAzOIyNam70bEsIR9LTVWeTPFgdEQsdYp94XQJKYx55S0cG8GkXlfBQ6GYxR3dmCnI//mO/MmkJhWR8=
content-length
6148
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.canva.com
referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Mon, 18 Oct 2021 19:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.canva.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6a044af06c0afadc-DUS
vary
Origin
create
www.canva.com/_ajax/ae/
22 B
718 B
XHR
General
Full URL
https://www.canva.com/_ajax/ae/create
Requested by
Host: static.canva.com
URL: https://static.canva.com/static/lib/sentry/6.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.114.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

x-canva-brand
BAAAAAAAAAA
sec-fetch-mode
cors
origin
https://www.canva.com
x-canva-build-sha
3a031b1dfd12767ab34aad3357dda20e7c3a47e3
x-csrf-token
xsmpQI8NGTvAPlXbFNaQDh7HU-kyspKaIlrVlRUhCDwxV8zrX71hy0nHCzN3mpXZ83X5snMwbEBdGkRRChTrJxXSuF8
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
CDI=b7894d27-419b-45c7-b067-c5e10324e135; CPA=ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8; CCK=aRdwBcvjA9Nz1R6Kxzoczg; __cf_bm=Fjv1Qe2Iei3M0fKRcUowHE2s9QYC2LsX645QMvItfRU-1634586595-0-AeOxc2dBoMQTRB+CRcyjP9s30rYpUUMyFN7Nd+lmyPK0/QiiW3UN83WUHEd3whGU3wzli0PJ8ifKEjvsE+xffxnoP2u4L8+F1oHpPu0k6fa5UDxQiRcV9RJ03HySd97DYEHmVDRLBBxjYPsJIXtzDuIWvBMRtbmJ/5+r0glesB+j; __cfruid=fe40f968c30ea57bb7867e68af66bf6bdeda8c3b-1634586595
x-canva-locale
de-DE
content-length
1044
:path
/_ajax/ae/create
pragma
no-cache
x-canva-app
malicious_links
x-canva-analytics
AAMAA1dFQgA=
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.canva.com
referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
:scheme
https
sec-fetch-site
same-origin
x-canva-build-name
20211014-21
:method
POST
X-Canva-Brand
BAAAAAAAAAA
X-Canva-App
malicious_links
X-Canva-Build-Sha
3a031b1dfd12767ab34aad3357dda20e7c3a47e3
X-Csrf-Token
xsmpQI8NGTvAPlXbFNaQDh7HU-kyspKaIlrVlRUhCDwxV8zrX71hy0nHCzN3mpXZ83X5snMwbEBdGkRRChTrJxXSuF8
Accept-Language
de-DE,de;q=0.9
X-Canva-Analytics
AAMAA1dFQgA=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://www.canva.com/link?target=https%3A%2F%2Fsharepointloginpage.netlify.app&design=DAEtMtG__uo
X-Canva-Locale
de-DE
X-Canva-Build-Name
20211014-21

Response headers

date
Mon, 18 Oct 2021 19:49:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22
x-xss-protection
1; mode=block
x-request-id
6a044af0ccdafadc
pragma
No-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg6bNvutMzl09voS9o6ILVG3KVRcpy3TXp6UdMFnLn1AxMItDHAXrXalelSjy0zRlRAI%2FUrMREGKWH%2FVnOjvcQlWRb5mXCcJ8E1pl6KTLIYBwixzHlsIFPZP%2BAXrSTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store
cf-ray
6a044af0ccdafadc-DUS
expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| initSentry object| Sentry object| __SENTRY__ object| __tti string| __canva_public_path__ object| bootstrap object| cmsg object| __CF$cv$params object| webpackChunk_canva_web object| _d5336dfe6a1b13da5ca29a9b49c1e3a2 number| __mobxInstanceCount object| __mobxGlobals function| Mousetrap function| _dmr function| _dmc function| _dma function| _dmb function| _dp function| _dc object| a0_0x433e function| a0_0x3d7e object| __cfBeacon object| __sentry_instrumentation_handlers__ object| dataLayer

5 Cookies

Domain/Path Name / Value
www.canva.com/ Name: CDI
Value: b7894d27-419b-45c7-b067-c5e10324e135
www.canva.com/ Name: CPA
Value: ZoTB-_bTwlJ9SPLBrgXy4gRmrVsdLX8LUygaAHWOvAFbm6wSPhmZsG10-aD_wEsyvlhjHajy3rkAG5s2mIG6yN2IRF82odeC1S5fowD5Ozt_TGkwlZZApp17BU-LaRZ77KOnwTeYNY8DgeGBXabtN34nQnf5iPMZbTLbG7T9WX_qp2Z5yhm8sR-0laHScS1C9TmA_3bj064IkMwhyqTfPCh4g3jz5hp6aLaFGVS5OZeKE4YW5bgh0OYp53K3tfkODmmj9GRtjKmvOq7YHfwiDXVMSFvQBgpEpOgtWTroXNI-LZGT7pLgcz1xflFckJWr6LEJ1-n6SvXlxeYOuTB9Uhh5A0HtWTDQz47GwPKnD54YTlba3pOpB339FJzlP6KbvpNdSXLCpIIw4tchhsEMgpw93oqcZ6HGFlXFBMrfDZpRhtd8
www.canva.com/ Name: CCK
Value: aRdwBcvjA9Nz1R6Kxzoczg
.canva.com/ Name: __cf_bm
Value: Fjv1Qe2Iei3M0fKRcUowHE2s9QYC2LsX645QMvItfRU-1634586595-0-AeOxc2dBoMQTRB+CRcyjP9s30rYpUUMyFN7Nd+lmyPK0/QiiW3UN83WUHEd3whGU3wzli0PJ8ifKEjvsE+xffxnoP2u4L8+F1oHpPu0k6fa5UDxQiRcV9RJ03HySd97DYEHmVDRLBBxjYPsJIXtzDuIWvBMRtbmJ/5+r0glesB+j
.canva.com/ Name: __cfruid
Value: fe40f968c30ea57bb7867e68af66bf6bdeda8c3b-1634586595

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
o13855.ingest.sentry.io
static.canva.com
static.cloudflareinsights.com
www.canva.com
104.16.95.65
104.17.114.17
142.250.181.227
142.250.186.106
34.120.195.249
0a2c36a73b57bd541f2c009cc93b9212d0f9476702fdae4fe864d3e5fc0bbcef
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
2270da8734cf142d292fe4ca47d345a192426f153f0b581e3f39264726eff69d
33cc61af5f64c62ebfa1d249884376942cecfd0c37ed8591d7c6afbe1268d554
34b12f44fde3099950e5705cdb10cafa95131ff43ebe326f624e078eb299dc0a
3593dbaa792ed8459de30995d14cdf494c35c66cc35f00b9f71124eb0165b1a6
3a68af230a0cffb499c06c471404bb898bc2ca1d9048e6d4684ab8d1b70f630b
3bb29d3f650631eca05f5adb1db9c3a197f8cb88dcab8e4398eff99d0641855f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4888962f9dd1056d8b7d9f83eae44ef4a76ade814df3695e8126eac8ea73f828
502cead59de72cffd1e6fb6a1f712e7dd06fcef66781e651a92f3c1f45c1967d
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5bc7a305508a4ed9627fdfa4462d2eb4252ea7f3c246c251c4e42267852289e5
a98edf76fddda4197a4bda305d2bc688c4ba1a4112dc7b7a1fabb98f5c94cdf6
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
acdfba6e9f0231751474a21dc075166f05c65d48a42b5b29c48f220f2b7ba1a3
badbc73aa47546ff0fc36e1443c8b120a75140bd9deba3f4dab88b7d2cc535bc
c7400bbc478c16bca6a3b04ca2bad8087b2fa92eda6f613462e7536763692b1b
cf3e80c26f44fbd5a47f01b2d919ac26b69ef774b04a80ecd344f405f9aa321a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855