gustybgwendolin.pages.dev Open in urlscan Pro
172.66.44.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Submission Tags: @ecarlesi possiblethreat phishing irsnews Search All
Submission: On January 01 via api (January 1st 2025, 10:05:23 am UTC) from IT — Scanned from IT

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 40 HTTP transactions. The main IP is 172.66.44.191, located in United States and belongs to CLOUDFLARENET, US. The main domain is gustybgwendolin.pages.dev.
TLS certificate: Issued by WE1 on December 28th 2024. Valid for: 3 months.

This is the only time gustybgwendolin.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	172.66.44.191 172.66.44.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
1	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3034::ac43:cd28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:8a00:1a:f17d:4240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.12.216 104.18.12.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	216.198.54.1 216.198.54.1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	2a04:4e42::84 2a04:4e42::84	54113 (FASTLY) (FASTLY)
1	104.21.96.1 104.21.96.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.182.173 172.67.182.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
2	172.67.34.118 172.67.34.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	15

22 172.66.44.191 (United States)

ASN13335 (CLOUDFLARENET, US)

gustybgwendolin.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)

dismounttaxigloomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tse1.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cd28 (United States)

ASN13335 (CLOUDFLARENET, US)

paperspanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8a00:1a:f17d:4240:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3pbdh1dmixop.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

i9formprintable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.216 (None, )

ASN13335 (CLOUDFLARENET, US)

www.signnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

static1.s123-cdn-static-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.54.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

grandbrass.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.96.1 (None, )

ASN13335 (CLOUDFLARENET, US)

oyungurup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.182.173 (United States)

ASN13335 (CLOUDFLARENET, US)

fillableforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.34.118 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	pages.dev gustybgwendolin.pages.dev	399 KB
4	dismounttaxigloomy.com dismounttaxigloomy.com
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 19002 c.statcounter.com — Cisco Umbrella Rank: 11933	13 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	188 KB
1	fillableforms.net fillableforms.net	694 KB
1	oyungurup.com oyungurup.com	579 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 2496	75 KB
1	zendesk.com grandbrass.zendesk.com	152 KB
1	s123-cdn-static-a.com static1.s123-cdn-static-a.com	88 KB
1	signnow.com www.signnow.com — Cisco Umbrella Rank: 173961	78 KB
1	i9formprintable.com i9formprintable.com	427 KB
1	cloudfront.net d3pbdh1dmixop.cloudfront.net	277 KB
1	paperspanda.com paperspanda.com	534 KB
1	bing.net tse1.mm.bing.net — Cisco Umbrella Rank: 3054	118 KB
40	14

	Domain	Requested by
22	gustybgwendolin.pages.dev	gustybgwendolin.pages.dev
4	dismounttaxigloomy.com	gustybgwendolin.pages.dev
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	gustybgwendolin.pages.dev
1	i.ytimg.com	gustybgwendolin.pages.dev
1	fillableforms.net	gustybgwendolin.pages.dev
1	oyungurup.com	gustybgwendolin.pages.dev
1	i.pinimg.com	gustybgwendolin.pages.dev
1	grandbrass.zendesk.com	gustybgwendolin.pages.dev
1	static1.s123-cdn-static-a.com	gustybgwendolin.pages.dev
1	www.signnow.com	gustybgwendolin.pages.dev
1	i9formprintable.com	gustybgwendolin.pages.dev
1	d3pbdh1dmixop.cloudfront.net	gustybgwendolin.pages.dev
1	paperspanda.com	gustybgwendolin.pages.dev
1	tse1.mm.bing.net	gustybgwendolin.pages.dev
40	15

This site contains links to these domains. Also see Links.

Domain
adorethemes.com

Subject Issuer	Validity	Valid
gustybgwendolin.pages.dev WE1	`2024-12-28` - `2025-03-28`	3 months	crt.sh
dismounttaxigloomy.com R11	`2024-12-28` - `2025-03-28`	3 months	crt.sh
*.mm.bing.net Microsoft Azure RSA TLS Issuing CA 08	`2024-10-27` - `2025-04-25`	6 months	crt.sh
paperspanda.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
i9formprintable.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
signnow.com E5	`2024-11-18` - `2025-02-16`	3 months	crt.sh
static1.s123-cdn-static-a.com R11	`2024-11-20` - `2025-02-18`	3 months	crt.sh
grandbrass.zendesk.com E6	`2024-11-08` - `2025-02-06`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
oyungurup.com WE1	`2024-12-28` - `2025-03-28`	3 months	crt.sh
fillableforms.net WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
edgestatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2024-12-16` - `2025-12-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Frame ID: 365311544D3DB4A6E0DEE7A26EE6C74D
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

W9 Form 2024 Irs Request - Rani Valeda

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

43 %
IPv6

14
Domains

15
Subdomains

15
IPs

4
Countries

3622 kB
Transfer

4189 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adorethemes.com/
Title: Adore Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/ 45 KB
12 KB 138ms
78ms Document
text/html 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

336e8525c96f7a538eebd65213e3ab35f85d03ee68583fe146c1225dfe78dcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8fb1b0aa7bd839e5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 01 Jan 2025 10:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfV3CoFCRqwTWBRahWMr5FKbYa4gcagBOBY3nBasVHavlmn2AxbNfm35kw6V7PEOGEksEIqvvfv8zG0vkd1EWaxjM9ZeanekW87TAFC0Qgdjx%2B6DAN1iMx9MwZdiWbxXfI6zo5NTChaJF4kG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=41564&min_rtt=41519&rtt_var=15602&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4390&delivery_rate=76364&cwnd=12000&unsent_bytes=0&cid=c0a09ca874985d20&ts=82&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1 403
Forbidden c331f53d8cb1f5b6cb7f7b13f9d18a13.js
dismounttaxigloomy.com/c3/31/f5/ 0
0 472ms
127ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://dismounttaxigloomy.com/c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 01 Jan 2025 10:05:18 GMT
Content-Type: application/javascript
Host: dismounttaxigloomy.com
Server: nginx/1.21.6

GET
H3 200 style.min.css
gustybgwendolin.pages.dev/wp-includes/css/dist/block-library/ 108 KB
15 KB 94ms
93ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"141cf6fd3e4b533eaa9c573b7c16bc31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26fOZa%2Fn3WlpItnZ7m7gKzOXtGw2b3Y2P9IG%2B0c0LJ%2FjeJR107CX6pm%2BZNOg9mjFjEScOScYKWNtb3JFFAyL5sMnUojvFYEArpMovUh6P%2FiV%2FRxQMUtl5bjK5zZOeEYeEmH0FbHHbOULagUP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43742&min_rtt=41386&rtt_var=4216&sent=26&recv=25&lost=0&retrans=0&sent_bytes=16649&recv_bytes=8617&delivery_rate=280697&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=182&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc2c39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css
gustybgwendolin.pages.dev/wp-content/fonts/ 7 KB
1 KB 95ms
93ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d76efef41ec1fb2cf10642cd64c799d004469c821eb62f2e74fbb20d8b2ed2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"23023960ad3d42400088fb96b2a83403"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARqvXK%2B5MJ8shZ8xT9IUveTNcG%2Bq2%2FOvI8jKwO%2FW0F43CHfQp9kONiHd3pfrKHlhRTyuBPq4%2FglrNswHkgNBXnZz9Ta%2BSTHq2lDMnpoz6ynG9Dgk0kZEuMAw%2FMIU3xEyd%2BrztHAGQW0oWEqc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43742&min_rtt=41386&rtt_var=4216&sent=30&recv=25&lost=0&retrans=0&sent_bytes=21443&recv_bytes=8617&delivery_rate=280697&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=182&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc2e39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 slick.min.css
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/ 1 KB
1 KB 137ms
135ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/slick.min.css?ver=1.8.0

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"da5260864087e354f2cc198b410cdbef"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BYlRD9Lyy4GDCAWi4%2FeWZONteGcERVxzTA9BoiUtAQgxidwaxDkdGiXl68FEixYteBeUMabCAA0Lo7vfRGt%2BAGU5ms5S1oYCqWklEipanCKHtDDnH7Me1xRoG9w%2BVEtCSEPJZ5YJUUXAJgl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44687&min_rtt=41386&rtt_var=5052&sent=43&recv=26&lost=0&retrans=0&sent_bytes=33449&recv_bytes=8661&delivery_rate=7906&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=196&x=1", cfExtPri, cfHdrFlush;dur=28
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc2f39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 fontawesome.min.css
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/ 59 KB
13 KB 95ms
94ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/fontawesome.min.css?ver=1.8.0

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0173f373b1b9a52382e776643fdf31ffb5d4b209bbd2cb34d4642b7c17f990

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"71b710749b792738918b18194cd9af57"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ir97qoCPZX8W63gy4iN6ygUGvb%2BL3mPNQNeoBAKZCmilfJMoLxbuiBy6HKYgoqPqlltwLBG27GM8FtQZ26xfpIL%2BnUXIC%2BcCvwcxRRP9GkpHaShGoE7K4fdTWgsBJmy%2FS%2FW0oMQWIKVUJfI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43742&min_rtt=41386&rtt_var=4216&sent=36&recv=25&lost=0&retrans=0&sent_bytes=27482&recv_bytes=8617&delivery_rate=280697&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=183&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3039e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 blocks.min.css
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/ 12 KB
3 KB 95ms
94ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/blocks.min.css?ver=6.4.3

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbaf719b79ad5dc5eeb08a4b32bdf1efc8645a980bfabb9120007fc00fe890bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"d256859d61ff94fd855c464b83cd0a70"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkRHTQYZ3J9AmthgoPU6YZt4zT4yZ8Zl1%2FhlBYmQxENVC9IowvmegLjbWfbPHbmI5TdYy3bg3o4k%2BIfKdX482my6895DejcN%2FSzHvET9VOsJjhMDvLkD8woZpJvqfV0zCEPpSYq5NzsJv9in"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43742&min_rtt=41386&rtt_var=4216&sent=30&recv=25&lost=0&retrans=0&sent_bytes=21443&recv_bytes=8617&delivery_rate=280697&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=182&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3139e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 style.css
gustybgwendolin.pages.dev/wp-content/themes/adore-news/ 119 KB
19 KB 136ms
135ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/style.css?ver=1.0.7

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ddcaffbcf44efb3c8f199274f02c8c6d63ce1448babfd3a45fd813ff216d48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"0194b22cd8a80ca1e3f6d40b8e580178"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BchPvIRA8mbEprGETNYAQETPJDtHzzv3A7%2BRlMPZmBt7YNnsBAtAiEwRYfjsWT07tkd%2FjgCEhEzKxqEgEyImRp5%2BgZM5xXvErHSPv%2FqhyzvXpw8MU604Wf8X4GT0M7UKaI2gAnrcb0rwS5N"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43742&min_rtt=41386&rtt_var=4216&sent=42&recv=25&lost=0&retrans=0&sent_bytes=32971&recv_bytes=8617&delivery_rate=280697&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=190&x=1", cfExtPri, cfHdrFlush;dur=34
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3239e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 arpw-frontend.css
gustybgwendolin.pages.dev/wp-content/plugins/advanced-random-posts-widget/assets/css/ 275 B
875 B 179ms
178ms Stylesheet
text/css 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.4.3

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c097810c5c2818c403e04fffc03a639cde42bdecb0c53323119cd7f77f8394fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"89495a62273346014c21c363f32c166b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGPNis1eK34UpP4USEnSX2gL5F%2F1AYlWO%2FivzfE6doRZOE0sMEoWR6EMNDzgD5Fd1kbSHbwB4USVat40%2B2steeJga%2FsIUww29Qj1Qc2iLLhzYUEB8q%2B12eKuik7Y0H0xKQpY5gM7NaKlyj%2F6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44687&min_rtt=41386&rtt_var=5052&sent=43&recv=26&lost=0&retrans=0&sent_bytes=33449&recv_bytes=8661&delivery_rate=7906&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=198&x=1", cfExtPri, cfHdrFlush;dur=27
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3339e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery.min.js Show response
gustybgwendolin.pages.dev/wp-includes/js/jquery/ 86 KB
32 KB 179ms
178ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"4faaa9d1e8ac6b951abd4ab674ea9ec1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UnpmGf6hi6ZmXGeRuX%2FUDoypdyvK0RjgZHuixvj%2BzK%2BD5MSp2zFtmMOBoxmaPzaFhg7HT1AW%2B8FGZ3zyGbKU%2FyMb3z7t5ZyDUj5yCclx1zOpZZBQ2e0cjMfrk511MlreltxB0jJtrBbygyMY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44687&min_rtt=41386&rtt_var=5052&sent=43&recv=26&lost=0&retrans=0&sent_bytes=33449&recv_bytes=8661&delivery_rate=7906&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=206&x=1", cfExtPri, cfHdrFlush;dur=19
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3439e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
gustybgwendolin.pages.dev/wp-includes/js/jquery/ 13 KB
6 KB 220ms
219ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"ff416357a541c2641e2808b797569af3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AvJ6iNuhga%2F4N7gCn0Sg7I9fklwqAE73RZSmil8UvPEoSzyAHLCgwybWv2jlS4S2P6Oqauc1MIZPcavQco%2B6Veiii0SdUBS%2FLH8IyuVbL7tANm9CtKXDm%2FnSU9SGcNW6g8FxqviiTIgX6L95"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43742&min_rtt=41386&rtt_var=4216&sent=42&recv=25&lost=0&retrans=0&sent_bytes=32971&recv_bytes=8617&delivery_rate=280697&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=187&x=1", cfExtPri, cfHdrFlush;dur=38
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3639e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 style-5.gif
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/ 100 KB
101 KB 221ms
221ms Image
image/gif 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/style-5.gif

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ab11b969e9c1fc77fa03a228bfebb095fa1b6254228ba5c548618d0ce51d648

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

etag: "4b1db9cae1d73be55100c64607b20e93"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1gD0cI73MTNwN4l3qoJ6eetTB8wLiBwLv3thw1dKiEPMBpD15L3Wk6zDS%2Bz9oxXxXFlzgGszqNskFYIJfBVY25el8%2BJ083yqWMvLGAmoZi8VZFAdBTSGi9NULXEISaQUL66N64AFg9BU3GN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44687&min_rtt=41386&rtt_var=5052&sent=43&recv=26&lost=0&retrans=0&sent_bytes=33449&recv_bytes=8661&delivery_rate=7906&cwnd=16800&unsent_bytes=0&cid=c0a09ca874985d20&ts=198&x=1", cfExtPri, cfHdrFlush;dur=27
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aafc3739e5-FRA
access-control-allow-origin: *
content-length: 102371
server: cloudflare

GET
H/1.1 403
Forbidden invoke.js
dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/ 0
0 486ms
134ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 01 Jan 2025 10:05:18 GMT
Content-Type: application/javascript
Host: dismounttaxigloomy.com
Server: nginx/1.21.6

GET
H2 200 th
tse1.mm.bing.net/ 117 KB
118 KB 420ms
273ms Image
image/jpeg 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse1.mm.bing.net/th?q=W9%20Form%202024%20Irs%20Request&w=1280&h=720&c=5&rs=1&p=0
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d3204ca1be682a5dd55775f480dc44ca4029c8e3a7b0f428f350b605de92a0ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cache-control: public, max-age=5184000
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3C25769ACB040EB91190C92540C678A Ref B: ZRHEDGE1208 Ref C: 2025-01-01T10:05:18Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 119898
date: Wed, 01 Jan 2025 10:05:17 GMT
content-type: image/jpeg
access-control-allow-headers: *

GET
H2 200 w-9-form-pdf-editable.png
paperspanda.com/wp-content/uploads/2021/07/ 532 KB
534 KB 291ms
204ms Image
image/png 2606:4700:3034::ac43:cd28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paperspanda.com/wp-content/uploads/2021/07/w-9-form-pdf-editable.png
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cd28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f97e9dd7e76a58563e439f738a2af35bfd054f3a8c06a884965c9cae4ecc12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cf-cache-status: MISS
etag: "850f0-648327df-21a7623;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OyNmMaePdwPeHVupV8yX2Q0qP0kbJOjjK4j1zVwf4cd2jg3aBz76FiMeYBxFA8ERgmFGq26JnqJpWJmy%2Bx6JaKqU%2BhPfBsNECvEDC2RfRrfb9xPIxxuIdk4wApmaHQQpsI57A6%2FV0AKtkzXWixI%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 08 Jan 2025 10:05:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30264&min_rtt=30117&rtt_var=4849&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3983&recv_bytes=2359&delivery_rate=128674&cwnd=253&unsent_bytes=0&cid=a8752fe7ebd6c93f&ts=209&x=0"
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/png
last-modified: Fri, 09 Jun 2023 13:23:43 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fb1b0ae7cb0522a-MXP
accept-ranges: bytes
content-length: 545008
server: cloudflare

GET
H2 200 2019-how-to-fill-w9-filledform.png
d3pbdh1dmixop.cloudfront.net/pdfexpert/img/howto/tax-forms/w9/ 276 KB
277 KB 148ms
54ms Image
image/png 2600:9000:2250:8a00:1a:f17d:4240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3pbdh1dmixop.cloudfront.net/pdfexpert/img/howto/tax-forms/w9/2019-how-to-fill-w9-filledform.png
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:1a:f17d:4240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f373c3f14aab7b8cf880de5b05dd418234f94ed4d899636c7d90281a4c5e3182

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

etag: "1709190dd2af2e95a7df693c617482bb"
age: 14479
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 282925
x-amz-cf-id: xZEWtLj6E855uLwINqceQBgjP4tLjHE5PwsgjL2k7sGlvekk_isuTg==
date: Wed, 01 Jan 2025 06:04:00 GMT
content-type: image/png
last-modified: Wed, 17 Mar 2021 10:20:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2

GET
H3 200 irs-form-i-9.jpg
i9formprintable.com/wp-content/uploads/2021/09/ 462 KB
427 KB 150ms
70ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i9formprintable.com/wp-content/uploads/2021/09/irs-form-i-9.jpg

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0746de60a9472213a31ae89471b9c3aa70bf538bc125420ecae1b19b1cbf3fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"61377a26-7361b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xS5jzHWIzknS8xX8HUBxAJzpmNU4TbJhP0n%2BNYEoDnxFs1tmy0xtl0T5Mh%2F%2BeuneZzaVGRrE0tOBerLHJ8S4R8UWbuCYpN3pOCbrV2ZFfUd6y%2F9HvxwPReSpUkLJhvipfwzMGjrj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 15:21:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39416&min_rtt=39150&rtt_var=14871&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4118&recv_bytes=4348&delivery_rate=77478&cwnd=12000&unsent_bytes=0&cid=074f049834d7bf3b&ts=76&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/jpeg
last-modified: Tue, 07 Sep 2021 14:41:42 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fb1b0ae79b23809-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 large.png
www.signnow.com/preview/456/108/456108115/ 77 KB
78 KB 368ms
259ms Image
image/png 104.18.12.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signnow.com/preview/456/108/456108115/large.png
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 406c207493a733dd8482efbd6643607cc073ea7c4b20207157c3c5bd05c4e0a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cache-control: max-age=604800, public
cf-cache-status: DYNAMIC
etag: "fb72f511e1ef5f585f3e0031fa3431a0"
cf-ray: 8fb1b0aeabc1d22b-FRA
expires: Wed, 08 Jan 2025 10:05:18 GMT
accept-ranges: bytes
content-length: 79054
date: Wed, 01 Jan 2025 10:05:18 GMT
x-img-cache: MISS
content-type: image/png
last-modified: Mon, 04 May 2020 11:36:55 GMT
server: cloudflare

GET
H2 200 800_622801b09fd46.png
static1.s123-cdn-static-a.com/uploads/4484657/ 88 KB
88 KB 1122ms
995ms Image
image/webp 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.s123-cdn-static-a.com/uploads/4484657/800_622801b09fd46.png
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 9c3a862e905eb76310cc3a25b414e44b849c81a397db5b913f2cec3419989e19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cdn-status: 200
x-downloadsize: 175877
x-bo-version: 1.0.26
x-bo-server: ASB-210
x-bo-compressionratio: 48.95%
x-bo-processingtime: 52
date: Wed, 01 Jan 2025 10:05:19 GMT
content-type: image/webp
x-bo-origindownloadtime: 752
cdn-cachedat: 01/01/2025 10:05:19
last-modified: Wed, 01 Jan 2025 10:05:18 GMT
cdn-requestpullcode: 200
cdn-cache: MISS
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 8830815b-41f2-4841-bd99-3b7bd0f49e11
cdn-requestid: 31e69f8fc26434556b08fc33d085603b
cdn-pullzone: 203711
cdn-proxyver: 1.06
content-length: 89788
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: IT

GET
H2 200 W9.jpg
grandbrass.zendesk.com/hc/en-us/article_attachments/360001840080/ 151 KB
152 KB 333ms
236ms Image
image/jpeg 216.198.54.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grandbrass.zendesk.com/hc/en-us/article_attachments/360001840080/W9.jpg

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa89fbaa8feb2c3ba64c788d0e7c596668593fea811e61c882fe738d23827f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

x-robots-tag: none, noarchive
x-request-id: 8fb1b0aea350d412-FRA
cf-cache-status: MISS
etag: "239a5f93bd20c1c5d780ff7990d9dbda"
x-amz-version-id: DVHDQP1ZDWJe5ZF1Bw9ERVJObMEf9j7h
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tmY%2F%2FyQLqtCh7DqOxczlZ%2FrjzrUVzb2eMlCfWgkUVQ%2FoGJBrEU42C3%2BC8C5tQKDVDFp0r5WfxTGFwv0Ifal700f3WlPJFoP2dIZ%2FnBE4I2UXSewCb5o%2B8XP3THl3SNyy9DLWPvuYdo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/jpeg
content-disposition: inline; filename="w92024.JPG"
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:55:44 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=120, public
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fb1b0ae9f1bd412-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 154618
x-zendesk-zorg: yes
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fee852236b0b519ef3e60ddd46f00f29.jpg
i.pinimg.com/originals/fe/e8/52/ 75 KB
75 KB 442ms
345ms Image
image/jpeg 2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/fe/e8/52/fee852236b0b519ef3e60ddd46f00f29.jpg
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f55019ee0a4417ef7d721e0566de3da2e2f2df0228d20806290d1af2e171c8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cache-control: max-age=31536000, immutable
etag: "d9ec598486477d4a05da8e3ecff7ac25"
x-cdn: fastly
accept-ranges: bytes
alt-svc: h3=":443";ma=604800
content-length: 76481
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/jpeg
vary: Origin

GET
H3 200 w-9-tax-form-irs-9-tax-id-information-instructions-irs-blank-w-9-form-2020-printable.jpg
oyungurup.com/wp-content/uploads/2019/09/ 646 KB
579 KB 141ms
63ms Image
image/jpeg 104.21.96.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oyungurup.com/wp-content/uploads/2019/09/w-9-tax-form-irs-9-tax-id-information-instructions-irs-blank-w-9-form-2020-printable.jpg

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17832b84972866ddb3db37f3c0a97cd057f3e857030f71af5993025016976e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d78491f-a177e"
age: 24655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgDmm1jvK2xtJA4bUO4sC5lWLMRGLIUN4DErD%2FQIsVYRJNH35wusqgKTbv8gYFlPf7TW2qsGEwH7XuHMuZoJpGWWs1AgJ3TdoCZ7jYJipTqUAEKNTrKmVONhfSIhSsFp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 03:14:23 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/jpeg
last-modified: Wed, 11 Sep 2019 01:08:47 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8fb1b0ae7c23dcb2-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2023-irs-w-4-form-hrdirect-1.jpg
fillableforms.net/wp-content/uploads/2022/10/ 693 KB
694 KB 333ms
215ms Image
image/jpeg 172.67.182.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fillableforms.net/wp-content/uploads/2022/10/2023-irs-w-4-form-hrdirect-1.jpg
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e64aad380ef38735a88863c02a0f5f8783b78c945280acdf15546bca52e538a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cf-cache-status: MISS
etag: "ad440-64832908-24487e8;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElVfpAQiKuIBogGNKNLVSAu4CGhimhvtvVnIQpPl9yAx2ZYc9kqqdyOrq1wUxwEqNahEUCwQL5zGAl95UcqJx2BmNrKnlFx2W2bwl2wmU34zMJZHOPMgmfA16wJqbPxlrVEI1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 08 Jan 2025 10:05:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39260&min_rtt=38859&rtt_var=6389&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4480&delivery_rate=435&cwnd=12000&unsent_bytes=0&cid=07c5e65586d547df&ts=220&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/jpeg
last-modified: Fri, 09 Jun 2023 13:28:40 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fb1b0aebc769b1f-FRA
accept-ranges: bytes
content-length: 709696
server: cloudflare

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/zVgxsNzkS4I/ 188 KB
188 KB 255ms
158ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zVgxsNzkS4I/maxresdefault.jpg

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62441bdf5b2f5eb1fdffff18ddb487ea0735709b12af9ced514ebaa262d1ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

etag: "0"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 01 Jan 2025 12:05:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 192070
x-xss-protection: 0
server: sffe

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 174ms
63ms Script
application/javascript 172.67.34.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.34.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608242c41714bcf0ce0c6dc6befbfbd8a4c4fa6c97d88f5deec2f5238ba3e3fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6768f8c8-8a98"
age: 10635
cf-ray: 8fb1b0af5f81dbd4-FRA
expires: Wed, 01 Jan 2025 19:08:03 GMT
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 23 Dec 2024 05:44:40 GMT

GET
H3 200 inspector.js Show response
gustybgwendolin.pages.dev/wp-content/plugins/wp-meta-and-date-remover/assets/js/ 4 KB
2 KB 107ms
105ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756530782672d6af0bec6df0d11aaa9f36ee2ed6e2337e42620b447a718ed8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"155e673a0ef0fa0671bf62a6b4137ed9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKpRF08BbyLjwpEEr4%2FqvV1htC0q09DKAMWk2BKfziXpGzedX1pO938yW9WgFoxLY1K7YUmwjbOuljhxdDWlctwqZeYjMsetjqrKhJ9OVz09agMa%2BQR0vHinIozNu%2FHeSzy1lsfFsofxytBm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=273&recv=87&lost=0&retrans=0&sent_bytes=287062&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=676&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e3c39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 navigation.min.js Show response
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/ 1 KB
1 KB 100ms
98ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/navigation.min.js?ver=1.0.7

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e41a7f04a7ee5039f882bc018d3f8123784cb1e6039be786e139a8df36d55621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"5b6c82058fb9fb2b07893bed5d8d4033"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MD322nSqgk%2B1BsGNyaCUPBkhwSMS3kKQHjkJGsH6MkwYmMGXqZAa%2Byd%2B%2FfSjOTT3Wp4eoUYOiWUagGWj22EzVLfcfSLcNUJ0hLwziWBQuKt%2BrNJcOjGbP93jTMN2yGlR3vosxqVwZIWpWaao"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=213&recv=87&lost=0&retrans=0&sent_bytes=218123&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=670&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e3d39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 slick.min.js Show response
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/ 43 KB
11 KB 145ms
143ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/slick.min.js?ver=1.8.0

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a49c85ae2db19ca7ad2bd54a706a632f8c9534c609acee3388f116df3bc53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"0b9dded898a0fc848974861773d9ad97"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MwW6Cwb8ipjRU%2FQpf27RqgNCBJbgMAdH23qprcxTQHi%2Fqi8p4lYENQpz2uZHIyuglXe3B%2FIP5FZBFx3tP8WP9LYqaLhOKr77qTlPdJ7LXo4NTYdyEDHA9tnHvVtNFpVKB1q91MvdAQj19g%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=288&recv=87&lost=0&retrans=0&sent_bytes=303323&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=678&x=1", cfExtPri, cfHdrFlush;dur=36
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e3e39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 acmeticker.min.js Show response
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/ 3 KB
2 KB 103ms
101ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/acmeticker.min.js?ver=1.8.0

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b455a33de30533ef29a58172408f8177c77ce31c53484ca6fce5ccdc3ce67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"1a1cb333baf4110798fecda0a3c932b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXtTClfwVb3RGDWeNkianHtSAUO3SYz7Quspas7MMQE7N1FIEZuUvILAK6Rs%2FaHOtWvfAGA%2FlhcXkUOMB%2B1GkAM%2BFypfHgdXwB3281oUAEoH5DK16IjWVwpuN5l2JXNGfClz%2Fs16Kl%2BUHvru"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=235&recv=87&lost=0&retrans=0&sent_bytes=243370&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=672&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e3f39e5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 custom.min.js Show response
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/ 4 KB
2 KB 151ms
149ms Script
application/javascript 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/js/custom.min.js?ver=1.0.7

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02ea0f924a8ecb9f0d44d775d0edefa90d99ca3b27698e090538ba4c828f6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

content-encoding: br
etag: W/"8e4435f2d7755d74b53640084c59eb97"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8uRlM75FfOlnFesN%2BAiLR1gs0OCIKjm%2BJAcD%2BaNfNPGi%2F3Iny5VziOMjPBywd7r9I%2FxYOG2SIxxTVoHeHT38LfiNNqL2osi1FN8fpFALRZFDeTNMX6cG6VlV%2BK5uwZzHOI4ps4hN9BVclgG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=288&recv=87&lost=0&retrans=0&sent_bytes=303323&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=677&x=1", cfExtPri, cfHdrFlush;dur=37
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e4139e5-FRA
access-control-allow-origin: *
server: cloudflare

GET 2b6e955a-7c5f-46e8-9b1f-d7bf4caf2f25
https://gustybgwendolin.pages.dev/ 0
0

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
gustybgwendolin.pages.dev/wp-content/fonts/muli/ 32 KB
33 KB 100ms
100ms Font
font/woff2 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/fonts/muli/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gustybgwendolin.pages.dev
Referer: https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Response headers

etag: "a78da580266133af49da6aab32d3d90e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnO7KZommwhOU4UY33a6DFYefbz4FzLXkI4b%2Fq9Mu0rgeQr7CYWCFWiH1YMxRLGFvORCaHYjM5eW%2B3e83Gnzam8hDs09TQ8gL5rHkO4QF2uQelm4gXRrp38Y6ZJh7iPWxTqRDrNRTDhPepez"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=244&recv=87&lost=0&retrans=0&sent_bytes=252789&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=675&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e4339e5-FRA
access-control-allow-origin: *
content-length: 32796
server: cloudflare

GET
H3 200 fa-solid-900.woff2
gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/webfonts/ 76 KB
77 KB 101ms
101ms Font
font/woff2 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/webfonts/fa-solid-900.woff2

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/fontawesome.min.css?ver=1.8.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gustybgwendolin.pages.dev
Referer: https://gustybgwendolin.pages.dev/wp-content/themes/adore-news/assets/css/fontawesome.min.css?ver=1.8.0

Response headers

etag: "079a3d5bc90bae0b701fb4f0471943d6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wsi5eKUN%2FF1jSXRdkhA9wuDboSHFymT%2FMgwufB5LSbQUi%2BQbQ4vAMyBZfVTWjmpYDDznYPEdZey3aaf2r9wPcsmbyoQfrmP%2FoanCeE7qgaeAVdA9V81%2FAAoVsAmz%2BPnOqbYBJKA9tDAjPvgf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=276&recv=87&lost=0&retrans=0&sent_bytes=289159&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=676&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae0e4539e5-FRA
access-control-allow-origin: *
content-length: 78268
server: cloudflare

GET
H/1.1 403
Forbidden invoke.js
dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/ 0
0 135ms
135ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 01 Jan 2025 10:05:18 GMT
Content-Type: application/javascript
Host: dismounttaxigloomy.com
Server: nginx/1.21.6

GET
H3 200 7Auwp_0qiz-afTzGLRrX.woff2
gustybgwendolin.pages.dev/wp-content/fonts/muli/ 29 KB
30 KB 91ms
91ms Font
font/woff2 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/fonts/muli/7Auwp_0qiz-afTzGLRrX.woff2

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gustybgwendolin.pages.dev
Referer: https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Response headers

etag: "8c63f4c80dd27ded0cc812aa1ed455bb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJ1z8oGyr7l0HeJAtOo7pKra72%2BD7kv1Kydezxdbo5hAeBpbV0Oqr95p74U8vNtbnp8RBKgH0%2FYY4FrxGnwyqXg8sAfrAVXstKd4vteLDX%2BtdZZ%2B6pIpiqSXzoMXJJLX9tg7DBF17XwgHpVB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44285&min_rtt=41386&rtt_var=1152&sent=215&recv=87&lost=0&retrans=0&sent_bytes=219370&recv_bytes=14078&delivery_rate=1749905&cwnd=85200&unsent_bytes=0&cid=c0a09ca874985d20&ts=672&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0ae1e4c39e5-FRA
access-control-allow-origin: *
content-length: 30028
server: cloudflare

GET
H/1.1 403
Forbidden invoke.js
dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/ 0
0 132ms
131ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
Requested by: Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 01 Jan 2025 10:05:18 GMT
Content-Type: application/javascript
Host: dismounttaxigloomy.com
Server: nginx/1.21.6

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
gustybgwendolin.pages.dev/wp-content/fonts/roboto/ 15 KB
16 KB 61ms
60ms Font
font/woff2 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gustybgwendolin.pages.dev
Referer: https://gustybgwendolin.pages.dev/wp-content/fonts/8bdcb40ee7c4e79faa4f2cb0bd1bf3d1.css

Response headers

etag: "327f51cb3be108945dba1bcce6ce309d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXq20kp%2FRfBU2r6qFQpBkJjByrk%2BvonuY5fV1piuxOeMlsNnXz79m5Ppb7QOEK9hgM%2Fmg47K8FZJjMygyDuFY69gTOiEk1v3zG7tYS%2F%2B2%2FD2m%2FPu16bWlKb5A7dx6NI6gGOFWOYfEnjUUfPD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43239&min_rtt=41386&rtt_var=935&sent=359&recv=103&lost=0&retrans=0&sent_bytes=383915&recv_bytes=15155&delivery_rate=829753&cwnd=165600&unsent_bytes=0&cid=c0a09ca874985d20&ts=778&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0aeeec639e5-FRA
access-control-allow-origin: *
content-length: 15860
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
gustybgwendolin.pages.dev/wp-includes/js/ 46 KB
10 KB 76ms
76ms Script
text/html 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: gustybgwendolin.pages.dev
URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea57365e11ea76fc484c93cad8dee05286406f33fef7125cfc7c32036e1e8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEJgXqmA%2BEf2w2EhKSiZEFueokp1YxVAV%2FzmtKkkKfTOIDmxGdZvPAni6OrA3n99oQeLrRjZmUkWxWpBFX6MjL%2FaRWG114M7Ek08qhhk2yvz%2Febki7P%2F1SVznDLrK0E53Cslz2367ijSzw7j"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0afbf3c39e5-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43019&min_rtt=41386&rtt_var=905&sent=375&recv=106&lost=0&retrans=0&sent_bytes=400902&recv_bytes=15584&delivery_rate=401563&cwnd=165600&unsent_bytes=0&cid=c0a09ca874985d20&ts=925&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
578 B 240ms
232ms XHR
application/json 172.67.34.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12981326&u1=C19AC27967394014958D84F288EBA202&java=1&security=8ec2a274&sc_snum=1&sess=7810d0&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/&t=W9%20Form%202024%20Irs%20Request%20-%20Rani%20Valeda&invisible=1&sc_rum_e_s=912&sc_rum_e_e=914&sc_rum_f_s=0&sc_rum_f_e=907&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.34.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8fb1b0afe86ddbd4-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://gustybgwendolin.pages.dev
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
date: Wed, 01 Jan 2025 10:05:18 GMT
content-type: application/json
server: cloudflare

GET
H3 200 favicon.ico
gustybgwendolin.pages.dev/ 46 KB
10 KB 74ms
73ms Other
text/html 172.66.44.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gustybgwendolin.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea57365e11ea76fc484c93cad8dee05286406f33fef7125cfc7c32036e1e8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSnu7KDRb0kf1bUt3lp5H1f7LBTTBrH7nDluNV70rELxvKKgNa%2Bpv%2BsrepwBh%2FJwm3bKfh7w4MpEcaLcMESvvRqMx1VFlHTEctaeiOSRlq1222N7hXOWDVJKMts2iHwLqjnuJiOxZd8Po6H3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8fb1b0b58af139e5-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43293&min_rtt=41386&rtt_var=1228&sent=386&recv=108&lost=0&retrans=0&sent_bytes=411791&recv_bytes=16092&delivery_rate=139870&cwnd=165600&unsent_bytes=0&cid=c0a09ca874985d20&ts=1847&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 01 Jan 2025 10:05:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gustybgwendolin.pages.dev
URL: blob:https://gustybgwendolin.pages.dev/2b6e955a-7c5f-46e8-9b1f-d7bf4caf2f25

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gustybgwendolin.pages.dev/	1970-01-21 11:44:45	Name: sc_is_visitor_unique Value: rx12981326.1735725919.C19AC27967394014958D84F288EBA202.1.1.1.1.1.1.1.1.1
.grandbrass.zendesk.com/	1970-01-21 02:08:47	Name: __cf_bm Value: o2MbC4R8eF3TDmZ77I5p6SDMz01LNs6w702b0.OyXGE-1735725918-1.0.1.1-VIVMO3UumXxLEijzVjhpQj4pki5KEneaNExzRq9eCZKAd_PQA5JzsL9LT4W0hGMRs7LYX7z3FeKbhGPQw3rD8Q
.grandbrass.zendesk.com/	1969-12-31 23:59:59	Name: __cfruid Value: 133e1f15cbe2d0c91cb1d0a3bdc07db67374142d-1735725918
.grandbrass.zendesk.com/	1969-12-31 23:59:59	Name: _cfuvid Value: qOGZnpN3ih7i4q9utODd_2WQRpQgm2Y988VWeZgEUy0-1735725918691-0.0.1.1-604800000
.signnow.com/	1970-01-21 02:08:47	Name: __cf_bm Value: LPQVkN2nprSE1Ese_lsCXhCLQMY43wBlQNInoJX7iEY-1735725918-1.0.1.1-IyHVfmU67JQZGOxhUckzkt1agqzEo90rIVZes19fTVGDHdsFPJTNPP5_7GF4oQafS0zPQocXX37x9drSd7lbQQ
.statcounter.com/	1970-01-21 11:44:45	Name: is_unique Value: sc12981326.1735725918.0
.statcounter.com/	1970-01-21 11:44:45	Name: is_visitor_unique Value: 1735725918640797672

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dismounttaxigloomy.com/c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://gustybgwendolin.pages.dev/ytrrfqw-w9-form-2024-irs-request-images-czhoocz/ Message: Refused to execute script from 'https://gustybgwendolin.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.statcounter.com
d3pbdh1dmixop.cloudfront.net
dismounttaxigloomy.com
fillableforms.net
grandbrass.zendesk.com
gustybgwendolin.pages.dev
i.pinimg.com
i.ytimg.com
i9formprintable.com
oyungurup.com
paperspanda.com
static1.s123-cdn-static-a.com
tse1.mm.bing.net
www.signnow.com
www.statcounter.com
gustybgwendolin.pages.dev
104.18.12.216
104.21.96.1
172.240.108.76
172.66.44.191
172.67.182.173
172.67.34.118
188.114.97.3
216.198.54.1
2400:52e0:1e00::1082:1
2600:9000:2250:8a00:1a:f17d:4240:93a1
2606:4700:3034::ac43:cd28
2620:1ec:33:1::10
2a00:1450:4001:806::2016
2a04:4e42::84
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0746de60a9472213a31ae89471b9c3aa70bf538bc125420ecae1b19b1cbf3fd0
1c0173f373b1b9a52382e776643fdf31ffb5d4b209bbd2cb34d4642b7c17f990
2e64aad380ef38735a88863c02a0f5f8783b78c945280acdf15546bca52e538a
2f55019ee0a4417ef7d721e0566de3da2e2f2df0228d20806290d1af2e171c8f
336e8525c96f7a538eebd65213e3ab35f85d03ee68583fe146c1225dfe78dcab
3ea57365e11ea76fc484c93cad8dee05286406f33fef7125cfc7c32036e1e8f3
406c207493a733dd8482efbd6643607cc073ea7c4b20207157c3c5bd05c4e0a6
41f97e9dd7e76a58563e439f738a2af35bfd054f3a8c06a884965c9cae4ecc12
4ddcaffbcf44efb3c8f199274f02c8c6d63ce1448babfd3a45fd813ff216d48d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
608242c41714bcf0ce0c6dc6befbfbd8a4c4fa6c97d88f5deec2f5238ba3e3fc
6d76efef41ec1fb2cf10642cd64c799d004469c821eb62f2e74fbb20d8b2ed2e
6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d
756530782672d6af0bec6df0d11aaa9f36ee2ed6e2337e42620b447a718ed8ec
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9ab11b969e9c1fc77fa03a228bfebb095fa1b6254228ba5c548618d0ce51d648
9c3a862e905eb76310cc3a25b414e44b849c81a397db5b913f2cec3419989e19
a1a49c85ae2db19ca7ad2bd54a706a632f8c9534c609acee3388f116df3bc53d
b02ea0f924a8ecb9f0d44d775d0edefa90d99ca3b27698e090538ba4c828f6d5
b9b455a33de30533ef29a58172408f8177c77ce31c53484ca6fce5ccdc3ce67f
c097810c5c2818c403e04fffc03a639cde42bdecb0c53323119cd7f77f8394fa
caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d3204ca1be682a5dd55775f480dc44ca4029c8e3a7b0f428f350b605de92a0ba
dbaf719b79ad5dc5eeb08a4b32bdf1efc8645a980bfabb9120007fc00fe890bc
e17832b84972866ddb3db37f3c0a97cd057f3e857030f71af5993025016976e7
e41a7f04a7ee5039f882bc018d3f8123784cb1e6039be786e139a8df36d55621
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f373c3f14aab7b8cf880de5b05dd418234f94ed4d899636c7d90281a4c5e3182
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62441bdf5b2f5eb1fdffff18ddb487ea0735709b12af9ced514ebaa262d1ed1
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
fa89fbaa8feb2c3ba64c788d0e7c596668593fea811e61c882fe738d23827f21

gustybgwendolin.pages.dev Open in urlscan Pro 172.66.44.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

43 %IPv6

14 Domains

15 Subdomains

15 IPs

4 Countries

3622 kBTransfer

4189 kBSize

7 Cookies

1 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gustybgwendolin.pages.dev Open in urlscan Pro
172.66.44.191 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

43 %
IPv6

14
Domains

15
Subdomains

15
IPs

4
Countries

3622 kB
Transfer

4189 kB
Size

7
Cookies

40 HTTP transactions
0 data transactions