bltc0lnpapervallet.christopher-plummer.com Open in urlscan Pro
192.189.2.75 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bltc0lnpapervallet.christopher-plummer.com/
Submission: On January 11 via api (January 11th 2024, 3:07:48 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 26 HTTP transactions. The main IP is 192.189.2.75, located in United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is bltc0lnpapervallet.christopher-plummer.com.
TLS certificate: Issued by R3 on December 12th 2023. Valid for: 3 months.

This is the only time bltc0lnpapervallet.christopher-plummer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.189.2.75 192.189.2.75	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
15	2600:9000:262... 2600:9000:262a:a00:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.249.9.28 13.249.9.28	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
26	9

1 192.189.2.75 (United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: amyg-002075.amygags.com

bltc0lnpapervallet.christopher-plummer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:262a:a00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.9.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-28.cdg53.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 89870	413 KB
3	framer.com events.framer.com — Cisco Umbrella Rank: 104813	16 KB
2	google.com www.google.com — Cisco Umbrella Rank: 6	563 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	3 KB
2	gstatic.com fonts.gstatic.com	33 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	80 KB
1	christopher-plummer.com bltc0lnpapervallet.christopher-plummer.com	17 KB
26	8

	Domain	Requested by
15	framerusercontent.com	bltc0lnpapervallet.christopher-plummer.com
3	events.framer.com	bltc0lnpapervallet.christopher-plummer.com events.framer.com
2	www.google.com	bltc0lnpapervallet.christopher-plummer.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	bltc0lnpapervallet.christopher-plummer.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	bltc0lnpapervallet.christopher-plummer.com
1	bltc0lnpapervallet.christopher-plummer.com
26	8

This site contains no links.

Subject Issuer	Validity	Valid
bltc0lnpapervallet.christopher-plummer.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bltc0lnpapervallet.christopher-plummer.com/
Frame ID: A5B4596DDB49978BBAB9901858C84E45
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Make Paper Wallets

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

26
Requests

96 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

562 kB
Transfer

1281 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11340569083/?random=584296307&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&label=T7XcCOuUuPoYEPuzzZ8q&hn=www.googleadservices.com&frm=0&tiba=Make%20Paper%20Wallets&gtm_ee=1&auid=1914333884.1704985663&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&ocp_id=PwSgZc3CCMvmjvQPxo298A0&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHAxczRYNWR4cXZwa0FzeWNuS1NJLVNvMDZGaWtmemRvQ0VSY3ZfbXJhMUFKeWcaWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2t5bkR6dVB3OVJuUWFBM3NpZmdsUXJVeEdKakdZZ29BMEl5eHNWeUFHbFFDdUUxSmhzaTVzRVciEwiN3rHGztWDAxVLs4MIHcZGD94 HTTP 302
https://www.google.com/pagead/1p-conversion/11340569083/?random=584296307&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&label=T7XcCOuUuPoYEPuzzZ8q&hn=www.googleadservices.com&frm=0&tiba=Make%20Paper%20Wallets&gtm_ee=1&auid=1914333884.1704985663&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHAxczRYNWR4cXZwa0FzeWNuS1NJLVNvMDZGaWtmemRvQ0VSY3ZfbXJhMUFKeWcaWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2t5bkR6dVB3OVJuUWFBM3NpZmdsUXJVeEdKakdZZ29BMEl5eHNWeUFHbFFDdUUxSmhzaTVzRVciEwiN3rHGztWDAxVLs4MIHcZGD94&is_vtc=1&ocp_id=PwSgZc3CCMvmjvQPxo298A0&cid=CAQSKQAvHhf_2kyLyTzaNj0dGjd_1yRBUyglEniqbqDbcVU0WfLUtYG4xVT5&random=1495967198

26 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bltc0lnpapervallet.christopher-plummer.com/ 157 KB
17 KB 1516ms
1075ms Document
text/html 192.189.2.75
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://bltc0lnpapervallet.christopher-plummer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.189.2.75 , United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: amyg-002075.amygags.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 88246a8b33483a409fc9f406641663fb2785826368832c45d870b5c1e0240342

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 16360
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Jan 2024 15:07:41 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 277ms
100ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11340569083

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3034f2a8a5a2781965496d5ed3a8857d597557a90f6ab8913e01239dd0d9cc81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 15:07:42 GMT

GET
H2 200 chunk-X4YPVTVW.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 237 B
986 B 929ms
612ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/chunk-X4YPVTVW.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fa362640c066d749c8bed695ce930f5353309535cfac8b5f0256065d0f5cfa71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: jxhxtPRuHFyG96XxYqZAtd00sYNiTfGl
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 237
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:36 GMT
server: CloudFront
etag: "fca01bb9decea1626d49653ee35fe8d2"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: zVDd8MfNrW7UMH3X_0bPAJCGiW6X3ELyk_e9vIxxDIM_LhziK6efIw==

GET
H2 200 chunk-65KX7K2Q.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 517 KB
153 KB 975ms
658ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/chunk-65KX7K2Q.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

99c1be379deb55a9d1156385b96ee17b659d93a8b9a01ab436e74f49c6743cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: 1wfMNG2dolgDIbNCZZAGTliqQ7dJtNAG
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:37 GMT
server: CloudFront
etag: W/"978b2136147eaea7ffd06bd5ec8d4839"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: 4efepQAebHux-0gAisqFcOXwaGVua8VgV0xmb968_WHDppCU5zZN0Q==

GET
H2 200 chunk-ELYU6EKT.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 447 B
1 KB 915ms
599ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/chunk-ELYU6EKT.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: laKUfRop5B9Z3MSaBJ5ioFm3cv_vR5If
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:37 GMT
server: CloudFront
etag: "bac0d5b5f6a61029b51079932ccda746"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: JFlW4_wuYjOrXc8mhb30XOCDtcQ49W4f4LH5ndv56aEJ2yF1PJa3Bw==

GET
H2 200 GgIZP7bblvo8m0MIqIJ_US7XSPwerOdmpFmvk5TNQ8Y.W2BN5ALD.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 82 KB
10 KB 973ms
657ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/GgIZP7bblvo8m0MIqIJ_US7XSPwerOdmpFmvk5TNQ8Y.W2BN5ALD.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

eb5c73607a87ace8fa23bf15faa363abb4c98978c4877e4bdbde09e7bfb06756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: BClc03a1382n8Hg._8wB.VBnQDaKxRIM
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:36 GMT
server: CloudFront
etag: W/"0e18dcf4592a3e361fd171d2cb5d5f3b"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
x-amz-cf-id: 06EIiEykVO0B3b7r1eAzC_UnRJ2N7Znd4wbhbY_0ORzxsY5ClqQfMA==

GET
H2 200 chunk-SAMJJ6OB.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 692 B
1 KB 902ms
586ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/chunk-SAMJJ6OB.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

84e0cca670a4950b3f32521c8c11ebc06b04e8178ca23e75bd9b868830fed08f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: 4m8MNNUuEmXZF8L5nABYL9EjeR.0myy.
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 692
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:36 GMT
server: CloudFront
etag: "dcb63769aeff84daf05038dd63a240b9"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: ix8NCrd-t0amyUbgXjbCb7nB5p2BrrYrBXmai3ovD6Bdk8quPX3t8A==

GET
H2 200 chunk-42U43NKG.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 44 B
792 B 953ms
637ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/chunk-42U43NKG.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: LV0YL7qRTLkqGqJ7jrBc99qJQ4qSnSm3
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:36 GMT
server: CloudFront
etag: "f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: TD_TBtl7OTMVysU59W5jmLWH2y_JhLcBfLnt5ZuafadYgRrb9LfrnQ==

GET
H2 200 chunk-TUYCDSND.mjs Show response
framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/ 736 B
1 KB 905ms
589ms Script
text/javascript 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/4ZQ6aBa3I1zuY81MZBU3X9/chunk-TUYCDSND.mjs

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

127233dd086533ea42822e58f348c6fc435f9656786a2cd0d00f38dd557444c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
x-amz-version-id: a3lNhWJ7qJL7n_GgQ25fborVCmQFINZ6
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 736
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Dec 2023 11:38:37 GMT
server: CloudFront
etag: "0681e6c9bcdaf1dad4bcd4fabe8e4fb9"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
x-amz-cf-id: PoMNTSkLO8pi6ylpxNkPxrT4jR0aos-jUMCIt6lW0tldNdTkCm7_Ww==

GET
H2 200 script Show response
events.framer.com/ 15 KB
16 KB 798ms
490ms Script
text/javascript 13.249.9.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/script
Requested by: Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-28.cdg53.r.cloudfront.net
Software: /
Resource Hash: 0a75bfd9c51bb5e02f71c03d3d40303736ebc93448d59099dd36d4151fb9393e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:07:43 GMT
via: 1.1 e2dc4178fd5d89ed6c6e3cd0e2e53fa6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 15602
x-amz-cf-pop: CDG53-C1
x-amzn-trace-id: Root=1-65a0043f-695d5c3927197d9528eaa73f
x-amzn-requestid: b230fd7a-917c-45f8-a8e4-2693066c402d
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Thu, 11 Jan 2024 15:07:13 GMT
x-amz-apigw-id: RYWZ7F7tIAMEB4g=
content-length: 15602
x-amz-cf-id: xfjXFPJaJCgN-bkAm8eGSwlokfifHbEW3-jTjx6UIEQhQPJtP4o5iA==

GET
H2 200 AaUW2N6W1BV6WPzUnBuXdohFoY.jpg
framerusercontent.com/images/ 26 KB
26 KB 431ms
155ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/AaUW2N6W1BV6WPzUnBuXdohFoY.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cccf684d9a5a8ea37df6f781d1846b2c71266f7f731e9259dc515c8180420fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 05:08:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 10835976
x-amzn-requestid: 0deeafa6-7fcc-43f3-ad43-08860a476d78
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64faac37-7e2818d7337cdefe7786f9fe;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: CjnT05XoFyAzBEexBq2iKIsDOgN_LKzvaMEau7H_LgCvFX6zkx6ykQ==

GET
H2 200 XSU9IPTBHTBTXmmQ9Lj0Kxd5Kp4.jpg
framerusercontent.com/images/ 28 KB
28 KB 458ms
182ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XSU9IPTBHTBTXmmQ9Lj0Kxd5Kp4.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f7de428b035ace1f53469cb8eb7f282031dff5106ee52031c436945b00b08b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 07:30:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 14888223
x-amzn-requestid: 7a1619b0-7da2-4ef0-ae93-292a41426429
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64bcd720-3e7235f87d72e71d6e2782c2;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 7b0XmmB2IzJD_tYTou5Uxo37DXSOHpaaj6WVu0_XsC5zIrisTzZpBw==

GET
H2 200 0RKNI6ByjQmq9nE8JXodpaweFYc.jpg
framerusercontent.com/images/ 67 KB
67 KB 600ms
522ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/0RKNI6ByjQmq9nE8JXodpaweFYc.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5c630a1c79487dcca156497605271c90150a9b696c0be23cac46f76dff34c2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 08:14:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 15144784
x-amzn-requestid: 38b17897-6dbb-4221-9752-f6df408846be
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64b8ecef-6f9553544cd1c1332ca87896;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: cH_LPpgv1ZYGzNbvKphCIOrDRdcYvNoQjEyeDSy65JMMDw1dEB_ydw==

GET
H2 200 4Ek6RyK1M6W4EKMeAt75KdyK1oA.jpg
framerusercontent.com/images/ 17 KB
17 KB 260ms
183ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/4Ek6RyK1M6W4EKMeAt75KdyK1oA.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7b4f8dc5440074d6938c6ad082da2a9ecae4430f66b3dd693e56be2e8b8d8eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:06:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 14990502
x-amzn-requestid: 2d59fdf4-eea9-4799-b17d-b626a1c1db4a
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64bb4799-7e10c81b09886ca86c449d7e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 0ltc_JXv02EiLOw_3I07s5PJFTHfoGXnLR2Oc3q7VoDidL2Ppady0g==

GET
H2 200 Jzkw7QiR5MwzEa1qgFO91WDLkOA.jpg
framerusercontent.com/images/ 17 KB
18 KB 517ms
440ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Jzkw7QiR5MwzEa1qgFO91WDLkOA.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6be3a95235b2ca664e45a95e123cf82ec258482db0895ab10f5411d6ddf57fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 06:17:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 15670225
x-amzn-requestid: 04fde22d-f553-4b0c-8718-a88549360a90
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64b0e86c-76c11d2c71d184b6420a775f;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: tiJtRZ2VjEm38Slw-QnCOv35etzX89_qHcdUMr-ZxX2tY5ddx9eWVg==

GET
H2 200 RCCSS65fIQ8jhayyxuR0WsnUK4.jpg
framerusercontent.com/images/ 64 KB
64 KB 381ms
304ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/RCCSS65fIQ8jhayyxuR0WsnUK4.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2a39c528d9ebebbd7e6eb334a9c91bf37b5e72946baa0d3a9a7a9bf0acb78a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:34:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 10182809
x-amzn-requestid: 6dcea800-6d40-4d07-a3b4-05e9ea602f98
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6504a3a5-6a4ce8bf7330ba7752d0bcda;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: YH78BCHm5NfTSRu8IfVYFcVSiGDHmrTq3qYgHi4hEoeGRT7GqDpFVA==

GET
H2 200 BCPFd4Zjg8M2cBxc00XKr34icXQ.jpg
framerusercontent.com/images/ 12 KB
13 KB 233ms
156ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/BCPFd4Zjg8M2cBxc00XKr34icXQ.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

52f7b057272fc5ef650524ba4f1d42c212af88756f2ca7cc55a6167175801956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 23:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 15174536
x-amzn-requestid: 46402a4f-d129-4db0-a18f-6c2dd900edbd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-64b878b6-59ca15ef3ca35fbf032f203a;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: B8ljd00zsnKkZzA-K0Wrlj6AsbhdLTxfHFmnXqhvMunQsFXD8gdJ9Q==

GET
H2 200 JKAKldfH96l4b3oPfzBDP4PHo.jpg
framerusercontent.com/images/ 8 KB
9 KB 355ms
277ms Image
image/webp 2600:9000:262a:a00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/JKAKldfH96l4b3oPfzBDP4PHo.jpg?scale-down-to=512

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:a00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

714543dab30ae33821a20eb3ffa224ec9181d6c833c20b4971869b67292f1a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:53:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
age: 2708076
x-amzn-requestid: 4e1db290-12e8-41cd-8697-81e200ca4026
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amzn-trace-id: root=1-6576b1d2-0d23cfdf1fc35de018515990;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 0Nhuyq-ROenY9xPhT7f9C6lSQ7XXmMdtUeI7X5r8uscbxmDqVWteww==

GET
DATA 200
OK truncated
/ 859 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3518440c2d3d1a7c02887242d4225da22a371078a751209e9eec45d8d6397b7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 801 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b102fee5f13ca3c4b419fb46e0dba536d5bb81635837620d7bf87c89e94a2d7b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e70a1827ce85f80450fe7757b6eb45c0344f832d4899dcc6a8a209ebe24986de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 712 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90e3cd35b0e9a4dff11189fcb5d1cd8f0dcbcb8c0e8bc57db4a7fbaf917efc9a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5h1aiZUrOngCibe4TkHLQg.woff2
fonts.gstatic.com/s/monoton/v19/ 16 KB
17 KB 200ms
63ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/monoton/v19/5h1aiZUrOngCibe4TkHLQg.woff2

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

912d17193cc65faaaa09a6cd8c8c4335f2d9385a6964888b8aa56508b5e66241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:08:22 GMT
x-content-type-options: nosniff
age: 151160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16516
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 21:08:22 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 16 KB
16 KB 217ms
81ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
Origin: https://bltc0lnpapervallet.christopher-plummer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 14:35:06 GMT
x-content-type-options: nosniff
age: 174756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16292
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 14:35:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11340569083/ 2 KB
2 KB 218ms
85ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11340569083/?random=1704985662914&cv=11&fst=1704985662914&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&hn=www.googleadservices.com&frm=0&tiba=Make%20Paper%20Wallets&auid=1914333884.1704985663&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11340569083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cb7703130be725ece7f7bf41222acf1b55ea7c5e910a4a3bd479f3a9c1e2a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1257
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11340569083/ 3 KB
2 KB 236ms
91ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11340569083/?random=1704985662945&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&label=T7XcCOuUuPoYEPuzzZ8q&hn=www.googleadservices.com&frm=0&tiba=Make%20Paper%20Wallets&gtm_ee=1&auid=1914333884.1704985663&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11340569083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

9bf0ee0ab2ac365401d75edb1f8231c8be9568700b4498bbc0caf9db6b52705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1595
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11340569083/ 42 B
455 B 218ms
81ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11340569083/?random=1704985662914&cv=11&fst=1704985200000&bg=ffffff&guid=ON&async=1&gtm=45be4180&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&frm=0&tiba=Make%20Paper%20Wallets&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_XFWiTVJIrA4vDCyqtCBiLLem3sPxlA&random=3684910011&rmt_tld=0&ipr=y

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:07:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/11340569083/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11340569083/?random=584296307&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&...
https://www.google.com/pagead/1p-conversion/11340569083/?random=584296307&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblt...

42 B
108 B

108ms
83ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11340569083/?random=584296307&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&label=T7XcCOuUuPoYEPuzzZ8q&hn=www.googleadservices.com&frm=0&tiba=Make%20Paper%20Wallets&gtm_ee=1&auid=1914333884.1704985663&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHAxczRYNWR4cXZwa0FzeWNuS1NJLVNvMDZGaWtmemRvQ0VSY3ZfbXJhMUFKeWcaWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2t5bkR6dVB3OVJuUWFBM3NpZmdsUXJVeEdKakdZZ29BMEl5eHNWeUFHbFFDdUUxSmhzaTVzRVciEwiN3rHGztWDAxVLs4MIHcZGD94&is_vtc=1&ocp_id=PwSgZc3CCMvmjvQPxo298A0&cid=CAQSKQAvHhf_2kyLyTzaNj0dGjd_1yRBUyglEniqbqDbcVU0WfLUtYG4xVT5&random=1495967198

Requested by

Host: bltc0lnpapervallet.christopher-plummer.com
URL: https://bltc0lnpapervallet.christopher-plummer.com/

Protocol

Server

2607:f8b0:4006:80f::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bltc0lnpapervallet.christopher-plummer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:07:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:07:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11340569083/?random=584296307&cv=11&fst=1704985662945&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbltc0lnpapervallet.christopher-plummer.com%2F&label=T7XcCOuUuPoYEPuzzZ8q&hn=www.googleadservices.com&frm=0&tiba=Make%20Paper%20Wallets&gtm_ee=1&auid=1914333884.1704985663&ec_mode=a&uamb=0&uaw=0&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHAxczRYNWR4cXZwa0FzeWNuS1NJLVNvMDZGaWtmemRvQ0VSY3ZfbXJhMUFKeWcaWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2t5bkR6dVB3OVJuUWFBM3NpZmdsUXJVeEdKakdZZ29BMEl5eHNWeUFHbFFDdUUxSmhzaTVzRVciEwiN3rHGztWDAxVLs4MIHcZGD94&is_vtc=1&ocp_id=PwSgZc3CCMvmjvQPxo298A0&cid=CAQSKQAvHhf_2kyLyTzaNj0dGjd_1yRBUyglEniqbqDbcVU0WfLUtYG4xVT5&random=1495967198
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 anonymous
events.framer.com/ 0
0 310ms
309ms Fetch
application/json 13.249.9.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-28.cdg53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://bltc0lnpapervallet.christopher-plummer.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jan 2024 15:07:44 GMT
via: 1.1 29f91c1e9be6cbd10add7ba15aee7660.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amzn-trace-id: Root=1-65a00440-1647a2777b3f9725585c4164;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: 8716bdc1-5ae4-49f0-9009-b2d489ca0530
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: RYWaDGaWIAMEhiA=
content-length: 0
x-amz-cf-id: a8S4i4R4WtrnPURIhcdKDxtIq8yFg4CCNFSPA1yFh5pX2e5lNCSV4g==

OPTIONS
H2 200 anonymous
events.framer.com/ 0
0 497ms
222ms Preflight
application/json 13.249.9.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-28.cdg53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bltc0lnpapervallet.christopher-plummer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 11 Jan 2024 15:07:43 GMT
via: 1.1 29f91c1e9be6cbd10add7ba15aee7660.cloudfront.net (CloudFront)
x-amz-apigw-id: RYWaBFknIAMEGCQ=
x-amz-cf-id: 2xWiNI8ZPHMAFQwWtxYzA7_n97MiCLCXXZuLdjV4fr8-NlUoEAb9Zw==
x-amz-cf-pop: CDG53-C1
x-amzn-requestid: f612d98c-493d-4073-9458-9a5939938209
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bltc0lnpapervallet.christopher-plummer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ddvq6e3vph1mi1o5vmijtj3duq
.bltc0lnpapervallet.christopher-plummer.com/	1970-01-20 17:37:52	Name: _subid Value: 2hgtdbbfmri
.bltc0lnpapervallet.christopher-plummer.com/	1970-01-20 17:37:52	Name: 3d444 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wiY2FtcGFpZ25zXCI6e1wiNjExXCI6MTcwNDk4NTY2Mn0sXCJ0aW1lXCI6MTcwNDk4NTY2Mn0ifQ.hv9usvi_B1xFWWAX4yPq1ksIRbXw8tWOKbgfos_59Xw
.christopher-plummer.com/	1970-01-20 19:46:01	Name: _gcl_au Value: 1.1.1914333884.1704985663
.doubleclick.net/	1970-01-21 03:12:25	Name: IDE Value: AHWqTUlEYAj3pHSExQAhM1NDP8kvfilKYStZ9hq-FB-zahCzibR_SnJyQ_S3YExR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bltc0lnpapervallet.christopher-plummer.com
events.framer.com
fonts.gstatic.com
framerusercontent.com
googleads.g.doubleclick.net
www.google.com
www.googleadservices.com
www.googletagmanager.com
13.249.9.28
142.250.65.226
192.189.2.75
2600:9000:262a:a00:d:ada1:a280:93a1
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::2008
0a75bfd9c51bb5e02f71c03d3d40303736ebc93448d59099dd36d4151fb9393e
0cb7703130be725ece7f7bf41222acf1b55ea7c5e910a4a3bd479f3a9c1e2a25
127233dd086533ea42822e58f348c6fc435f9656786a2cd0d00f38dd557444c4
2a39c528d9ebebbd7e6eb334a9c91bf37b5e72946baa0d3a9a7a9bf0acb78a37
3034f2a8a5a2781965496d5ed3a8857d597557a90f6ab8913e01239dd0d9cc81
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
4f7de428b035ace1f53469cb8eb7f282031dff5106ee52031c436945b00b08b5
52f7b057272fc5ef650524ba4f1d42c212af88756f2ca7cc55a6167175801956
5c630a1c79487dcca156497605271c90150a9b696c0be23cac46f76dff34c2b9
6be3a95235b2ca664e45a95e123cf82ec258482db0895ab10f5411d6ddf57fa8
714543dab30ae33821a20eb3ffa224ec9181d6c833c20b4971869b67292f1a14
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7b4f8dc5440074d6938c6ad082da2a9ecae4430f66b3dd693e56be2e8b8d8eb0
84e0cca670a4950b3f32521c8c11ebc06b04e8178ca23e75bd9b868830fed08f
88246a8b33483a409fc9f406641663fb2785826368832c45d870b5c1e0240342
90e3cd35b0e9a4dff11189fcb5d1cd8f0dcbcb8c0e8bc57db4a7fbaf917efc9a
912d17193cc65faaaa09a6cd8c8c4335f2d9385a6964888b8aa56508b5e66241
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
99c1be379deb55a9d1156385b96ee17b659d93a8b9a01ab436e74f49c6743cfe
9bf0ee0ab2ac365401d75edb1f8231c8be9568700b4498bbc0caf9db6b52705a
b102fee5f13ca3c4b419fb46e0dba536d5bb81635837620d7bf87c89e94a2d7b
cccf684d9a5a8ea37df6f781d1846b2c71266f7f731e9259dc515c8180420fde
e3518440c2d3d1a7c02887242d4225da22a371078a751209e9eec45d8d6397b7
e70a1827ce85f80450fe7757b6eb45c0344f832d4899dcc6a8a209ebe24986de
eb5c73607a87ace8fa23bf15faa363abb4c98978c4877e4bdbde09e7bfb06756
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa362640c066d749c8bed695ce930f5353309535cfac8b5f0256065d0f5cfa71

bltc0lnpapervallet.christopher-plummer.com Open in urlscan Pro 192.189.2.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

9 IPs

1 Countries

562 kBTransfer

1281 kBSize

5 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

bltc0lnpapervallet.christopher-plummer.com Open in urlscan Pro
192.189.2.75 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

562 kB
Transfer

1281 kB
Size

5
Cookies

26 HTTP transactions
4 data transactions