crystalcalico.carrd.co Open in urlscan Pro
172.64.147.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crystalcalico.carrd.co/
Effective URL:
https://crystalcalico.carrd.co/
Submission: On September 30 via api (September 30th 2024, 5:05:07 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 172.64.147.222, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is crystalcalico.carrd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 29th 2024. Valid for: 10 months.

This is the only time crystalcalico.carrd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.64.147.222 172.64.147.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4024:c00::78	15169 (GOOGLE) (GOOGLE)
15	7

3 172.64.147.222 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

crystalcalico.carrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c00::78 (Clarksville, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	230 KB
3	carrd.co crystalcalico.carrd.co	242 KB
2	gstatic.com fonts.gstatic.com csi.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
15	4

	Domain	Requested by
6	pagead2.googlesyndication.com	crystalcalico.carrd.co pagead2.googlesyndication.com
3	crystalcalico.carrd.co
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	crystalcalico.carrd.co
15	6

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.instagram.com
twitter.com
www.tiktok.com
bsky.app
toyhou.se
ko-fi.com
artfight.net
crystalcomms.carrd.co

Subject Issuer	Validity	Valid
carrd.co Cloudflare Inc ECC CA-3	`2024-02-29` - `2024-12-31`	10 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://crystalcalico.carrd.co/
Frame ID: 47A3D15F903EADF3259D10BE026E8D47
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240925/r20110914/zrt_lookup_fy2021.html
Frame ID: 30CD63C861907BF407AA1A4E3430B497
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-9165829451065334&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1706572121&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcrystalcalico.carrd.co%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aipecl=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727715902955&bpp=5&bdt=226&idt=102&shv=r20240925&mjsv=m202409240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6292379053185&rume=1&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31087427%2C31087429%2C31087434%2C31087436%2C44798934%2C95343455%2C31061691%2C31061692&oid=2&pvsid=4350270520360999&tmod=459018726&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=145
Frame ID: 15316C109CEF877F99FF99DB3440DF61
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 61C6383F7AFB23AD60D1AC6DAC515A54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CrystalCalico

Page URL History Show full URLs

http://crystalcalico.carrd.co/ HTTP 307
https://crystalcalico.carrd.co/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

521 kB
Transfer

1015 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/crystalcalico
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crystalcalico/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/crystalcalico?lang=en
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@crystalcalico
Title: TikTok

Search URL Search Domain Scan URL

URL: https://bsky.app/profile/crystalcalico.bsky.social
Title: Bluesky

Search URL Search Domain Scan URL

URL: https://toyhou.se/CrystalCalico
Title: Toyhouse

Search URL Search Domain Scan URL

URL: https://ko-fi.com/crystalcalico
Title: Ko-fi

Search URL Search Domain Scan URL

URL: https://artfight.net/~CrystalCalico
Title: Art Fight

Search URL Search Domain Scan URL

URL: https://crystalcomms.carrd.co/
Title: Commissions + TOS + Queue

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crystalcalico.carrd.co/ HTTP 307
https://crystalcalico.carrd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crystalcalico.carrd.co/
Redirect Chain

http://crystalcalico.carrd.co/
https://crystalcalico.carrd.co/

83 KB
20 KB

598ms
554ms

Document
text/html

172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crystalcalico.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0310fef35923e38af74ff8d70e82da0a3b511e3365a4a42903e066cf80be7737

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8cb5cba48d863a70-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 30 Sep 2024 17:05:02 GMT
expires: Mon, 30 Sep 2024 17:05:02 GMT
last-modified: Mon, 29 Jan 2024 23:48:41 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://crystalcalico.carrd.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,600;0,800;1,600;1,800

Requested by

Host: crystalcalico.carrd.co
URL: https://crystalcalico.carrd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85ee5adb6423ed4298c7895d02532b48a37409de697f919eb7beb60d502cb820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 17:05:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 17:05:02 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 30 Sep 2024 17:05:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbab678f7c54fc80a2b1a1e9c3480926259ccf9a2bd230f18553ad25998b7444

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30780496abb3a2b38ac697f97d44314e8e7311f9e258e8bc030004b361869462

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 51ms
29ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9165829451065334

Requested by

Host: crystalcalico.carrd.co
URL: https://crystalcalico.carrd.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

15f3f1c7833d97088b309882715a317c3b00816e1b5a0b0f5d120c66fefa1af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://crystalcalico.carrd.co
Referer: https://crystalcalico.carrd.co/

Response headers

content-encoding: br
etag: 14294574243541847920
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 17:05:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Sep 2024 17:05:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52556
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68fb7e9f4b10becfa38e85f26610b3809776df1447948e92f2f3b44b002f12c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 37ms
10ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,600;0,800;1,600;1,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://crystalcalico.carrd.co
Referer: https://fonts.googleapis.com/

Response headers

age: 411361
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 22:49:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 22:49:01 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/ 409 KB
137 KB 65ms
44ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9165829451065334&plah=crystalcalico.carrd.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9165829451065334

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5520fa82f5b87067c854efa0c415a185364319bb3b8b7c4110aef643f10a4715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

content-encoding: br
etag: 10067949874656045557
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 17:05:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 30 Sep 2024 17:05:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 140499
x-xss-protection: 0
server: cafe

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240925/r20110914/ 57 KB
22 KB 11ms
11ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240925/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9165829451065334&plah=crystalcalico.carrd.co

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4c32b0917f109a18f4aa46d4ca64eae27c6004c12ceb88bdd393251111cef6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

content-encoding: br
etag: 9689579541243546394
age: 74143
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 20:29:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 29 Sep 2024 20:29:20 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 22372
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240925/r20110914/ Frame 30CD 0
0 29ms
8ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240925/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crystalcalico.carrd.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 82758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Sep 2024 18:05:45 GMT
etag: 13108003645644964576
expires: Sun, 13 Oct 2024 18:05:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 1531 0
0 57ms
56ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-9165829451065334&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1706572121&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcrystalcalico.carrd.co%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aipecl=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727715902955&bpp=5&bdt=226&idt=102&shv=r20240925&mjsv=m202409240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6292379053185&rume=1&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31087427%2C31087429%2C31087434%2C31087436%2C44798934%2C95343455%2C31061691%2C31061692&oid=2&pvsid=4350270520360999&tmod=459018726&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=145

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crystalcalico.carrd.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Sep 2024 17:05:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 image02.png
crystalcalico.carrd.co/assets/images/ 222 KB
222 KB 40ms
39ms Image
image/png 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crystalcalico.carrd.co/assets/images/image02.png?v=0851b4e9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5160500ff24b63cc9c63772c5bd6f260522cfc9bcdeedf973d2c774beb1f39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

cache-control: public, max-age=604800
cf-cache-status: HIT
etag: "376f0-5e768c884ba70"
age: 503686
cf-ray: 8cb5cbaaee443a70-FRA
expires: Mon, 07 Oct 2024 17:05:03 GMT
accept-ranges: bytes
content-length: 227056
date: Mon, 30 Sep 2024 17:05:03 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 22:28:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 32ms
32ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240925&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e55535ca82da04ce7689d7c0820c8a6b5b6c5afe52c474a82a1b441529f328f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12880
date: Mon, 30 Sep 2024 17:05:03 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 404 favicon.ico
crystalcalico.carrd.co/ 637 B
544 B 535ms
535ms Other
text/html 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crystalcalico.carrd.co/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 219e5ae2778f7c3e1a9a0609f5f465a4fa58a9cf0655657d9274b3c5bd043671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 8cb5cbaafe513a70-FRA
expires: Mon, 30 Sep 2024 21:05:03 GMT
date: Mon, 30 Sep 2024 17:05:03 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 17:05:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 17:05:03 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 61C6 0
0 53ms
11ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crystalcalico.carrd.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 8531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Sep 2024 14:42:52 GMT
expires: Tue, 30 Sep 2025 14:42:52 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 354ms
117ms Ping
image/gif 2607:f8b0:4024:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m1p9fusk&c=4350270520360999&e=44759875%2C44759926%2C44759842%2C31087427%2C31087429%2C31087434%2C31087436%2C44798934%2C95343455%2C31061691%2C31061692&ctx=1&met.3=1001.ni_1__1~164.nk_1~165.nf_5~166.mz_l~166.np_2~1032.qa~326.qe_3~832.qi~868.qi~216.qa_9~215.qa_9~843.q8_b~889.rd~639.ry~112.sk_1~113.ts~1244.1jq&met.1=1.m1p9ftzz~6.3~7.5~8.n~9.n~10.1d~11.u~12.1d~13.gr~14.kw~15.h6~16.ma~17.ma~18.ma~19.tq~20.tq~21.ts~22.ja~23.ja
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240925/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c00::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://crystalcalico.carrd.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 17:05:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20240925&jk=4350270520360999&bg=!JSalJmnNAAbzZSz302U7ADQBe5WfOH_HjrtCW-dEdAWdb01gleHxMmoK4lrqVkEcWLnP4LE1X3nrflUlk9cJLKhp__XIAgAAAG9SAAAAAmgBB34ANlgYccB7yPtffk0o8M82ZdItj11CA_bCLHbIsiORxvIQvYymVRYBRh8lrvTi9kkFr_8ASqRD4ZkCnrbDVaoNmghjListoP9WrffBmZQKh_VPuqqqHU7CC7WSOM6Pjvv0GFhAAttB8lShaWgtJR9RSCyShBw3VAqQEKHZSyNLKncIIJGBQxUnoOJuHPFDkhPtHIKUMfMigfoLcju4INZwbPZComPQY5WwIwimppM0xfoJB9RH38toxr3RdlJBhc8yYqsaYOMOgz_ZpOlt1riRC60RoiY7GBAlMQG5S7CCMAbFgbhE9iebIH5EwOEYTssxvhYzNIryR8DJXEX3Mu37x_gbclYuFmGBVMuNY48Y4f9mHSjZnlxwkh-_f-dVBIKFq6EGE_SgQyJ6X4bTI40VDkV4W2DMUAbX5jSSytier7D81vdMO4hmpM4hdLTiXFXYUOu9mAXqd4ZPyGyJtXSu1dV13xn53OEpFrTIYIkSUGmnSpFaPTO_jfYl6QnIOyrDMykLD0nHInntRX5gQ7AGOg31p8fNae32XnvQr_JbH9gYlGgSwU2rit-sG19dXJ_k1KBtDlRyp22MR2z-cbezeQU98nKspO9ISKP9Bxc39yId9ur_gA82QjIvwQwVYalXyqLnutfUD1B1HAsG79jRKX2z2IxGisUs2qN1JQlVHZ6Ozl-9vfkRCgGdJ8B6bY4uYRIp6F0qNZWNqC0dQfMZcpy8g4cmDgeGcn6Ql4zMCTTSJcd-lxw6YvqELzM_kRCRgQQq3co8aysDzyKuVK3W5YDB-xHYVjJlv2QfEvLahISI5zqBLCkvtlvq6IO79dN3n_blR9Abc4b8F0vfkIpbQG40G5GIKsOhCGIBBF4YayuUfkIXL2J-2Kn7ZwSdPaF4zKqgEkJglTQI6JHJNPrintZlzrNRM8Qdy3Xtl_7R63BakCsSmXtJ571KUS5NnCRORwOPTZq5C50

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://crystalcalico.carrd.co/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crystalcalico.carrd.co
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
142.250.185.195
172.64.147.222
216.58.206.66
2607:f8b0:4024:c00::78
2a00:1450:4001:80f::200a
2a00:1450:4001:82f::2001
0310fef35923e38af74ff8d70e82da0a3b511e3365a4a42903e066cf80be7737
15f3f1c7833d97088b309882715a317c3b00816e1b5a0b0f5d120c66fefa1af7
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
219e5ae2778f7c3e1a9a0609f5f465a4fa58a9cf0655657d9274b3c5bd043671
30780496abb3a2b38ac697f97d44314e8e7311f9e258e8bc030004b361869462
4c32b0917f109a18f4aa46d4ca64eae27c6004c12ceb88bdd393251111cef6dc
5520fa82f5b87067c854efa0c415a185364319bb3b8b7c4110aef643f10a4715
68fb7e9f4b10becfa38e85f26610b3809776df1447948e92f2f3b44b002f12c1
85ee5adb6423ed4298c7895d02532b48a37409de697f919eb7beb60d502cb820
dbab678f7c54fc80a2b1a1e9c3480926259ccf9a2bd230f18553ad25998b7444
dd5160500ff24b63cc9c63772c5bd6f260522cfc9bcdeedf973d2c774beb1f39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55535ca82da04ce7689d7c0820c8a6b5b6c5afe52c474a82a1b441529f328f6
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

crystalcalico.carrd.co Open in urlscan Pro 172.64.147.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

7 IPs

2 Countries

521 kBTransfer

1015 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

crystalcalico.carrd.co Open in urlscan Pro
172.64.147.222 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

521 kB
Transfer

1015 kB
Size

0
Cookies

15 HTTP transactions
4 data transactions