njuskalo.paysforms.info Open in urlscan Pro
2606:4700:3034::ac43:9f0a  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

• https://njuskalo.paysforms.info/build/fonts/opensans-regular.552ea4.woff HTTP 302
• https://www.njuskalo.hr/

Request Chain 11

• https://njuskalo.paysforms.info/build/fonts/firasans-medium.6d0873.woff HTTP 302
• https://www.njuskalo.hr/

Request Chain 12

• https://njuskalo.paysforms.info/build/fonts/opensans-semibold.1d8cbd.woff HTTP 302
• https://www.njuskalo.hr/

Request Chain 14

• https://njuskalo.paysforms.info/build/fonts/opensans-semibold.e1c83f.ttf HTTP 302
• https://www.njuskalo.hr/

Request Chain 15

• https://njuskalo.paysforms.info/build/fonts/opensans-regular.d7d5d4.ttf HTTP 302
• https://www.njuskalo.hr/

Request Chain 16

• https://njuskalo.paysforms.info/build/fonts/firasans-medium.12a58b.ttf HTTP 302
• https://www.njuskalo.hr/

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request cash69961005 Show response njuskalo.paysforms.info/	15 KB 4 KB	735ms 705ms	Document text/html	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://njuskalo.paysforms.info/cash69961005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.33 Resource Hash 410c4ab22819df9ef1eeec28758f8f96dd52d0f2df42b1f55f7cb1f20849e4d9 Request headers :method GET :authority njuskalo.paysforms.info :scheme https :path /cash69961005 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 set-cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D; expires=Mon, 16-Aug-2021 17:20:55 GMT; Max-Age=1209600; path=/ cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJTFDwcJ%2F85RD3HKkbV8MmYddX7zx4P2CzsjN%2FWLMPczrpx%2FyBdTTvxxuFyt8paS2Zrsl0EjA2qK3ZZMt%2B8xf8Iir3pS4h8SYdfVLYYM%2Fl428cKqbiLAdk%2BY15VUbDf18Ewe1C6qCGfv7zrzsFY55i601RHnNA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6788fac9ad774e44-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	ultra.css njuskalo.paysforms.info/assets/	506 KB 82 KB	76ms 65ms	Stylesheet text/css	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2e315a36b917f2c712c0753632dc73aaf84c448c3f690d8554fc6b9821cdb09 Request headers :path /assets/ultra.css?v=3.14 pragma no-cache cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority njuskalo.paysforms.info referer https://njuskalo.paysforms.info/cash69961005 :scheme https sec-fetch-site same-origin :method GET Referer https://njuskalo.paysforms.info/cash69961005 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT content-encoding br cf-cache-status MISS last-modified Thu, 04 Mar 2021 12:01:43 GMT server cloudflare etag W/"7e6a2-5bcb4bb1e17c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buGJjubD%2FVEvRzS52SuRyFgpNyLmUWvTVtGptHAXHXOvapDfIygM%2FaAANuvtVqxlpTkteGumYatCNg6Ll2%2FBtY6q1EipskRGPgE4S%2FQ3OjPPyHjetzdj0nqXJ1GoehtlVrFIr28%2BxNfCbTZ%2F0Uyb4Mg7%2FhNuRg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6788face4cd2c281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	jquery-1.9.1.js Show response njuskalo.paysforms.info/assets/	142 KB 43 KB	62ms 51ms	Script application/javascript	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://njuskalo.paysforms.info/assets/jquery-1.9.1.js Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4747a6e7aae7538e3571c7c69616fd69b8c6ec0918ffcf99c59888e8178f2c4a Request headers :path /assets/jquery-1.9.1.js pragma no-cache cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority njuskalo.paysforms.info referer https://njuskalo.paysforms.info/cash69961005 :scheme https sec-fetch-site same-origin :method GET Referer https://njuskalo.paysforms.info/cash69961005 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT content-encoding br cf-cache-status MISS last-modified Thu, 04 Mar 2021 12:01:42 GMT server cloudflare etag W/"23645-5bcb4bb0ed580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1T4tWYARvkHmgdSABkp8%2FMvmDcu%2FTmGmMKc4mBp3XTEvW0prIQ7tqft%2BRzReyvmG1ToASevvj7X3cr9nksCMPonZqh5NnlBAbd5pyPXS7CqCFidGJD9cEPKj%2BV%2FEw7XeMlOT%2BlvI1%2F7k8YpwXpQyOA5r6flWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6788face4cd1c281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	vendor.c4e25a.js Show response njuskalo.paysforms.info/assets/	5 KB 2 KB	61ms 50ms	Script application/javascript	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://njuskalo.paysforms.info/assets/vendor.c4e25a.js Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54b3e69a8a93d62636d2e5fe0a832099513ab295c5045192ca02bcd4353a7290 Request headers :path /assets/vendor.c4e25a.js pragma no-cache cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority njuskalo.paysforms.info referer https://njuskalo.paysforms.info/cash69961005 :scheme https sec-fetch-site same-origin :method GET Referer https://njuskalo.paysforms.info/cash69961005 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT content-encoding br cf-cache-status MISS last-modified Thu, 04 Mar 2021 12:01:43 GMT server cloudflare etag W/"12b0-5bcb4bb1e17c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPZyM8HnCGSvnjcfIJA%2FyhIMpxP9lQSEQRJztQXYkCbaULkfFIbd6LpvF80yogRWx8yhlqhp%2Fc6bw6rrkycgT7LmvKKclbwQIgYm3isrA1i8kx42AZ%2B9XfPvf%2FGVtJivOxnLgyQ4N%2BF8MPWBzdmjqBdM0lq4GQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6788face4ccdc281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	logo.png njuskalo.paysforms.info/	19 KB 20 KB	37ms 36ms	Image image/png	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://njuskalo.paysforms.info/logo.png Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25f75ba5b833b3c70f5cbe5711b1df207e88b5d80be3b8001ea6550b2c643f0e Request headers :path /logo.png pragma no-cache cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority njuskalo.paysforms.info referer https://njuskalo.paysforms.info/cash69961005 :scheme https sec-fetch-site same-origin :method GET Referer https://njuskalo.paysforms.info/cash69961005 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT cf-cache-status MISS last-modified Thu, 04 Mar 2021 12:01:43 GMT server cloudflare etag "4ce4-5bcb4bb1e17c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJ2y22AbzZLbtd97dsZuU4aNW4WWXLTQVM%2Bm23%2F3bt06FE9FvZVZ%2BA6Tq42fZ6C86RICpoIhaiQfwsg42b448mda03P4ocdNI46PbkgHcdjaz16N27QcfQ9Q%2F9leAaO3SX3z0%2FRaSZkLUp1oswNjQLticJh4Gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6788facebd79c281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 19684
GET H2	200	zotac-gaming-geforce-rtx-2060-twin-fan-slika-137195396.jpg www.njuskalo.hr/image-w920x690/graficke-kartice/	62 KB 62 KB	144ms 48ms	Image image/jpeg	193.25.220.113 STYRIA_AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.njuskalo.hr/image-w920x690/graficke-kartice/zotac-gaming-geforce-rtx-2060-twin-fan-slika-137195396.jpg Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.25.220.113 Zagreb, Croatia, ASN51577 (STYRIA_AS, HR), Reverse DNS Software nginx / Resource Hash 1f3a3f418bc8029db356ec4059e8eb082449f9ed840e8d2fa5f0d3c143a673a4 Request headers Referer https://njuskalo.paysforms.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT last-modified Tue, 14 Jul 2009 14:48:01 GMT server nginx x-purge from 82.102.18.114 content-type image/jpeg cache-control max-age=2592000 content-length 63759 expires Wed, 11 Aug 2021 09:34:55 GMT
GET H2	200	MZWnuXLRL6E6p4RN7pI5OVg9m_WPHzslwwiixx8RCsPzkz-VGS9BjiM8j3jlEdPswVre lh5.ggpht.com/	111 KB 111 KB	9ms 7ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh5.ggpht.com/MZWnuXLRL6E6p4RN7pI5OVg9m_WPHzslwwiixx8RCsPzkz-VGS9BjiM8j3jlEdPswVre Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 26ec2bdd0d6a1e2dd8e055287bd4494a0f7be4e2757be582ea069caa1da8040b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://njuskalo.paysforms.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 16:56:35 GMT x-content-type-options nosniff age 1461 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113810 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 30 Jul 2021 15:05:52 GMT
GET H2	200	0.80159700_1571155533.png cdn.megabonus.com/images/parcel/service_logo/	14 KB 14 KB	68ms 15ms	Image image/png	2600:9000:2057:9800:4:83b2:30c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.megabonus.com/images/parcel/service_logo/0.80159700_1571155533.png Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:9800:4:83b2:30c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 52280c7cc014f9d72d601b29e7a7689a81a0aba9df280e7412a14a68569ca719 Request headers Referer https://njuskalo.paysforms.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id vbRih8NWgxsSjHIYOiSuRBCKmY06O4Uk via 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront) last-modified Tue, 15 Oct 2019 16:05:34 GMT server AmazonS3 age 20478 etag "880006ca6c2c618ce8012180ffbee701" x-cache Hit from cloudfront content-type image/png date Mon, 02 Aug 2021 11:39:39 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 14119 x-amz-cf-id OmUugugZ3sGmpHY-0zk0ZCNbpo5yB46RIALkMBhwYHpVtII0SSsanA==
GET H2	200	loader.js Show response www.smartsuppchat.com/	23 KB 7 KB	29ms 9ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.smartsuppchat.com/loader.js? Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/cash69961005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b4bfeb1be6e77a5be771c7f615d36199e05607a8d10e4d188c994a05948bd39e Request headers Referer https://njuskalo.paysforms.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rgWUxknvAgAAAA== x-accel-expires @1627924914 date Mon, 02 Aug 2021 17:20:56 GMT content-encoding br etag W/"60b8ebb2-5bf5" last-modified Thu, 03 Jun 2021 14:48:18 GMT server CDN77-Turbo x-77-nzt-ray nQqDkFSI/1Y= x-77-cache HIT content-type application/javascript cache-control max-age=300, public, s-maxage=60 x-cache HIT x-age 2 x-77-pop frankfurtDE expires Thu, 03 Jun 2021 14:54:34 GMT
GET H3-29	200	secure.62a90a.svg njuskalo.paysforms.info/assets/	1 KB 1 KB	37ms 30ms	Image image/svg+xml	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://njuskalo.paysforms.info/assets/secure.62a90a.svg Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7da5e162f6616a90b7969155f655efb6d472f9e20fac96bf37185cda7250fc3a Request headers :path /assets/secure.62a90a.svg pragma no-cache cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority njuskalo.paysforms.info referer https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 :scheme https sec-fetch-site same-origin :method GET Referer https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT content-encoding br cf-cache-status MISS last-modified Thu, 04 Mar 2021 12:01:43 GMT server cloudflare etag W/"42f-5bcb4bb1e17c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lcOrOdCqfmx52pxnvqDn3IB5q4Pm2vbdhR4lPZHd6aT%2FB35BFINm%2Bnh86KAWGvueqawb8yIMkE7DIybR7lf8g1OjEvUsXtR%2FOAggWVflFYqemXIRBZlFPpM%2FoPqoJnOCoJc25LOa0hXb%2BdnxmQE8FrkzJzGrA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6788facefdf6c281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	shipping.0b7110.svg njuskalo.paysforms.info/assets/	651 B 969 B	50ms 43ms	Image image/svg+xml	2606:4700:3034::ac43:9f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://njuskalo.paysforms.info/assets/shipping.0b7110.svg Requested by Host: njuskalo.paysforms.info URL: https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51643c716a8f10f2ddf4c7469d7a337e3383fc6a9718a0c2b70bc68a87c83e8d Request headers :path /assets/shipping.0b7110.svg pragma no-cache cookie 0800fc577294c34e0b28ad2839435945=MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority njuskalo.paysforms.info referer https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 :scheme https sec-fetch-site same-origin :method GET Referer https://njuskalo.paysforms.info/assets/ultra.css?v=3.14 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 17:20:56 GMT content-encoding br cf-cache-status MISS last-modified Thu, 04 Mar 2021 12:01:43 GMT server cloudflare etag W/"28b-5bcb4bb1e17c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7Tej4DXaLlNdqtLjgdz%2Ft9f641yn8d%2FpmxVD2KB6%2BHrFp%2BDB5mgFiHm65XUuTusFCsskev2k5%2B7%2BIS9AcStR7avTXRCs%2BkLqRXLQMPledh1vjP1M4KrK1DywEnakm9Va%2BOMQibYDRoTEPDiDja4X48vrL1gag%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6788facefdfac281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET		/ www.njuskalo.hr/ Redirect Chain https://njuskalo.paysforms.info/build/fonts/opensans-regular.552ea4.woff https://www.njuskalo.hr/	0 0
GET		/ www.njuskalo.hr/ Redirect Chain https://njuskalo.paysforms.info/build/fonts/firasans-medium.6d0873.woff https://www.njuskalo.hr/	0 0
GET		/ www.njuskalo.hr/ Redirect Chain https://njuskalo.paysforms.info/build/fonts/opensans-semibold.1d8cbd.woff https://www.njuskalo.hr/	0 0
GET H2	400	%D0%9A%D0%9B%D0%AE%D0%A7%20%D0%9F%D0%9E%D0%94%D0%94%D0%95%D0%A0%D0%96%D0%9A%D0%98.json Show response bootstrap.smartsuppchat.com/widget/	58 B 257 B	98ms 36ms	XHR application/json	3.65.6.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bootstrap.smartsuppchat.com/widget/%D0%9A%D0%9B%D0%AE%D0%A7%20%D0%9F%D0%9E%D0%94%D0%94%D0%95%D0%A0%D0%96%D0%9A%D0%98.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.65.6.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-65-6-125.eu-central-1.compute.amazonaws.com Software / Resource Hash 13828ea8e19b6a8c1775f9c2800190a36148cb7286daa67ebd5f08b8502fc60d Request headers Referer https://njuskalo.paysforms.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * x-version dd7aa3fd74890dee45e641d61fd476758d95b5cd date Mon, 02 Aug 2021 17:20:56 GMT cache-control private, max-age=0, must-revalidate content-length 58 vary Accept-Encoding content-type application/json; charset=utf-8
GET		/ www.njuskalo.hr/ Redirect Chain https://njuskalo.paysforms.info/build/fonts/opensans-semibold.e1c83f.ttf https://www.njuskalo.hr/	0 0
GET		/ www.njuskalo.hr/ Redirect Chain https://njuskalo.paysforms.info/build/fonts/opensans-regular.d7d5d4.ttf https://www.njuskalo.hr/	0 0
GET		/ www.njuskalo.hr/ Redirect Chain https://njuskalo.paysforms.info/build/fonts/firasans-medium.12a58b.ttf https://www.njuskalo.hr/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.njuskalo.hr

URL

https://www.njuskalo.hr/

Domain

www.njuskalo.hr

URL

https://www.njuskalo.hr/

Domain

www.njuskalo.hr

URL

https://www.njuskalo.hr/

Domain

www.njuskalo.hr

URL

https://www.njuskalo.hr/

Domain

www.njuskalo.hr

URL

https://www.njuskalo.hr/

Domain

www.njuskalo.hr

URL

https://www.njuskalo.hr/

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| a function| b undefined| pr_name undefined| pr_price undefined| pr_image undefined| u_name undefined| u_image undefined| u_rating undefined| rating undefined| ratNo function| number_format function| showForm function| hideForm object| _smartsupp function| smartsupp function| setImmediate function| clearImmediate boolean| SMARTSUPP_LOADED object| $smartsupp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			njuskalo.paysforms.info/	1970-01-19 20:32:14	Name: 0800fc577294c34e0b28ad2839435945 Value: MDBiNzg3Njk4MDdiODI1MmFkZjk5NjBkNmIzYzQwYmE%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.smartsuppchat.com/loader.js?(Line 1) Message: Error: Request failed with status 400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstrap.smartsuppchat.com
cdn.megabonus.com
lh5.ggpht.com
njuskalo.paysforms.info
www.njuskalo.hr
www.smartsuppchat.com
www.njuskalo.hr
193.25.220.113
2600:9000:2057:9800:4:83b2:30c0:93a1
2606:4700:3034::ac43:9f0a
2a00:1450:4001:82b::2001
2a02:6ea0:c700::11
3.65.6.125
13828ea8e19b6a8c1775f9c2800190a36148cb7286daa67ebd5f08b8502fc60d
1f3a3f418bc8029db356ec4059e8eb082449f9ed840e8d2fa5f0d3c143a673a4
25f75ba5b833b3c70f5cbe5711b1df207e88b5d80be3b8001ea6550b2c643f0e
26ec2bdd0d6a1e2dd8e055287bd4494a0f7be4e2757be582ea069caa1da8040b
410c4ab22819df9ef1eeec28758f8f96dd52d0f2df42b1f55f7cb1f20849e4d9
4747a6e7aae7538e3571c7c69616fd69b8c6ec0918ffcf99c59888e8178f2c4a
51643c716a8f10f2ddf4c7469d7a337e3383fc6a9718a0c2b70bc68a87c83e8d
52280c7cc014f9d72d601b29e7a7689a81a0aba9df280e7412a14a68569ca719
54b3e69a8a93d62636d2e5fe0a832099513ab295c5045192ca02bcd4353a7290
7da5e162f6616a90b7969155f655efb6d472f9e20fac96bf37185cda7250fc3a
b4bfeb1be6e77a5be771c7f615d36199e05607a8d10e4d188c994a05948bd39e
f2e315a36b917f2c712c0753632dc73aaf84c448c3f690d8554fc6b9821cdb09