acrsmartclassroom.com Open in urlscan Pro
51.79.251.183  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://sindio.be/gyy.html Page URL
2. https://acrsmartclassroom.com/wp-admin/js/dl/ Page URL
3. https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	gyy.html Show response sindio.be/	109 B 420 B	590ms 156ms	Document text/html	162.0.238.90 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://sindio.be/gyy.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.0.238.90 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.sindio.website Software Apache / Resource Hash f4b9a6dbfa5227b87174a8cbe05826732c50c88a4f527dc40aa80b8dc867b889 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 120 Content-Type text/html Date Mon, 21 Nov 2022 17:25:10 GMT Keep-Alive timeout=5, max=100 Last-Modified Mon, 21 Nov 2022 17:09:48 GMT Server Apache Vary Accept-Encoding,User-Agent
GET H2	200	/ Show response acrsmartclassroom.com/wp-admin/js/dl/	215 B 530 B	1422ms 255ms	Document text/html	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Full URL https://acrsmartclassroom.com/wp-admin/js/dl/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / PHP/7.4.32 Resource Hash 0343e17fd722223df88b8c5313333355714ba4f8d12c201deb7c5d24ac26a460 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://sindio.be/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 21 Nov 2022 17:25:13 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx/1.22.1 strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-powered-by PHP/7.4.32 x-xss-protection 1; mode=block
GET H2	200	Primary Request rstontova.php Show response acrsmartclassroom.com/wp-admin/js/dl/	12 KB 4 KB	172ms 171ms	Document text/html	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Full URL https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / PHP/7.4.32 Resource Hash c44e570faaa2a506c4c7831ac471a092a9b8c1263366ae094fa15f900c4f5474 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://acrsmartclassroom.com/wp-admin/js/dl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 21 Nov 2022 17:25:13 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx/1.22.1 strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-powered-by PHP/7.4.32 x-xss-protection 1; mode=block
GET H2	200	main.css acrsmartclassroom.com/wp-admin/js/dl/guess/	138 KB 16 KB	339ms 338ms	Stylesheet text/css	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash b1d3d6097907be9c4730892b74c227e857dbaedd28c8480d52d51d17dbcb054c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 content-encoding gzip etag W/"5f81fc7a-2260a" vary Accept-Encoding content-type text/css cache-control max-age=315360000 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	vertical.png acrsmartclassroom.com/wp-admin/js/dl/guess/	245 KB 243 KB	340ms 339ms	Image image/png	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/vertical.png Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash 471fe7c33b2ac6fccc2200b7ecbf2db41349a7ae218afe24f204cb84fc5a550f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 content-encoding gzip etag W/"5f81fc7a-3d318" vary Accept-Encoding content-type image/png cache-control max-age=315360000 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	horizontal.png acrsmartclassroom.com/wp-admin/js/dl/guess/	5 KB 5 KB	498ms 497ms	Image image/png	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/horizontal.png Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash d379630f9694c5d1b89c52020420a824457ef5fc0e3daae1dd101a226c61ec90 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 content-encoding gzip etag W/"5f81fc7a-12e0" vary Accept-Encoding content-type image/png cache-control max-age=315360000 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	black.png acrsmartclassroom.com/wp-admin/js/dl/guess/	11 KB 12 KB	498ms 498ms	Image image/png	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/black.png Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash df8e91e89e60f25adb96a11a4d5b8a42da3fa2707da4da009947dc4d092ba3ab Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 content-encoding gzip etag W/"5f81fc7a-2d5e" vary Accept-Encoding content-type image/png cache-control max-age=315360000 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	s.js Show response waust.at/	8 KB 4 KB	112ms 69ms	Script application/x-javascript	2606:4700:20::681a:407 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/s.js Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT content-encoding br cf-cache-status HIT last-modified Fri, 11 Nov 2022 22:14:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3531 etag W/"636ec947-2170" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzONDGaCAnKisYRFm8QUaL4zXbUTKdz%2BKqjJRNaqqV4nNzFC3lN5V4ey4EWv8OgJOl311YxVKOeZWgDs2ywtN%2BjjP3rhFnedGK4mo%2FVAnHaCGsMwzSCDwWQc5aIsZuHn4I5vCkli"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 76db1f97ade69b5b-FRA expires Tue, 22 Nov 2022 16:26:22 GMT
GET H2	200	govuk-crest.png acrsmartclassroom.com/wp-admin/js/dl/guess/	4 KB 4 KB	353ms 352ms	Image image/png	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/govuk-crest.png Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 content-encoding gzip etag W/"5f81fc7a-e00" vary Accept-Encoding content-type image/png cache-control max-age=315360000 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	light-v2.woff2 acrsmartclassroom.com/wp-admin/js/dl/guess/	33 KB 33 KB	353ms 353ms	Font font/woff2	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/light-v2.woff2 Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE Origin https://acrsmartclassroom.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 etag "5f81fc7a-8266" content-type font/woff2 accept-ranges bytes content-length 33382 x-xss-protection 1; mode=block
GET H2	200	bold-v2.woff2 acrsmartclassroom.com/wp-admin/js/dl/guess/	31 KB 31 KB	353ms 353ms	Font font/woff2	51.79.251.183 OVH
General Check archive.org Show headers Download Go to Full URL https://acrsmartclassroom.com/wp-admin/js/dl/guess/bold-v2.woff2 Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.79.251.183 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS vps-a7684233.vps.ovh.ca Software nginx/1.22.1 / Resource Hash 06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://acrsmartclassroom.com/wp-admin/js/dl/guess/main.css?dBRWLVGBkwyjmXvzUrapsdGKpSRuDKZnE Origin https://acrsmartclassroom.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sat, 10 Oct 2020 18:24:58 GMT server nginx/1.22.1 etag "5f81fc7a-7af8" content-type font/woff2 accept-ranges bytes content-length 31480 x-xss-protection 1; mode=block
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	2 KB 3 KB	304ms 100ms	Script application/javascript	167.114.209.61 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2Frstontova.php%3F%2Fsrtvonsone%2F%26action%3DaBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb&j=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F Requested by Host: waust.at URL: https://waust.at/s.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns515688.ip-167-114-209.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Mon, 21 Nov 2022 17:25:14 GMT X-T 0.809 Server nginx/1.10.3 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl1 Expires Mon, 21 Nov 2022 17:25:13 GMT
GET H2	200	/ Show response whos.amung.us/pingjs/	29 B 183 B	282ms 127ms	Script text/javascript	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=ilmgguie5t&t=Update%20DVLA%20-%20GOV.UK%20Verify%20-%20GOV.UK&c=s&x=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2Frstontova.php%3F%2Fsrtvonsone%2F%26action%3DaBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb&y=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F&a=0&d=0.536&v=27&r=4337 Requested by Host: waust.at URL: https://waust.at/s.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f8968ee29db013d3ca07ebd96548e3cafc511d6f9ed2614adc889cade87d374 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:14 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 76db1f9a99299bbc-FRA content-type text/javascript;charset=UTF-8
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	118ms 56ms	Script application/javascript	172.64.151.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: waust.at URL: https://waust.at/s.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 17:25:14 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 21 Jul 2022 14:57:21 GMT server cloudflare age 8817 etag W/"62d96951-4599" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 76db1f9bdff99bfa-FRA expires Thu, 24 Nov 2022 17:25:14 GMT
GET DATA	200 OK	truncated /	439 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	51 B 319 B	304ms 105ms	Script application/javascript	167.114.209.61 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=acrsmartclassroom.com&_ss=y3v6lm5rj7&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=4iv0&_cb=_dtspv.c Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2Frstontova.php%3F%2Fsrtvonsone%2F%26action%3DaBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb&j=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns515688.ip-167-114-209.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 2a8cdfc7a0ca34ae559e9ab26415dcd72600f072cec0eeddb4fb960d8075985a Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Mon, 21 Nov 2022 17:25:14 GMT X-T 0.146 Server nginx/1.10.3 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Mon, 21 Nov 2022 17:25:13 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	367ms 111ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0&r=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F&t=Update%20DVLA%20-%20GOV.UK%20Verify%20-%20GOV.UK Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Mon, 21 Nov 2022 17:25:14 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 260 B	348ms 113ms	Script application/javascript	67.202.105.33
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!ilmgguie5t&dn=TC&cc=1&r=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.33 -, , ASN (), Reverse DNS Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" date Mon, 21 Nov 2022 17:25:13 GMT cache-control max-age=86400 content-type application/javascript accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-length 4 expires Tue, 22 Nov 2022 17:25:14 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	112ms 112ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0&r=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F&t=Update%20DVLA%20-%20GOV.UK%20Verify%20-%20GOV.UK Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Mon, 21 Nov 2022 17:25:14 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	112ms 112ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0&r=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F&t=Update%20DVLA%20-%20GOV.UK%20Verify%20-%20GOV.UK Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Mon, 21 Nov 2022 17:25:14 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	112ms 111ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0&r=https%3A%2F%2Facrsmartclassroom.com%2Fwp-admin%2Fjs%2Fdl%2F Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Mon, 21 Nov 2022 17:25:14 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	111ms 110ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0 Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Mon, 21 Nov 2022 17:25:15 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	112ms 112ms	Image text/plain	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0 Requested by Host: acrsmartclassroom.com URL: https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://acrsmartclassroom.com/wp-admin/js/dl/rstontova.php?/srtvonsone/&action=aBCCqfJjpDCjkspeISkSEoGAFNtJrSOazvAXvDBoMZiWRLNlAxTdjBgWQnb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires "Sat, 26 Jul 1997 05:00:00 GMT" date Mon, 21 Nov 2022 17:25:15 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET		p ic.tynt.com/b/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ic.tynt.com

URL

https://ic.tynt.com/b/p?id=w!ilmgguie5t&lm=0&ts=1669051514322&dn=TC&iso=0

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wau function| YJtoPcCe function| gPtVKVTOQS function| JEPcRXrlt2 function| JdinExeDCST3 function| tiplhEfnZeG4 object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| x string| x1 string| x2 object| Tynt object| _dtspv object| _33Across function| __uspapi

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			acrsmartclassroom.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 39ch55jl2egng3pmcum5e9lj55
			.dtscout.com/	1970-01-20 07:37:36	Name: m Value: 1
			.dtscout.com/	1970-01-20 07:37:45	Name: oa Value: 1
			.dtscout.com/	1970-01-20 10:01:31	Name: df Value: 1669051514

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acrsmartclassroom.com
cdn.tynt.com
de.tynt.com
ic.tynt.com
sindio.be
t.dtscout.com
waust.at
whos.amung.us
ic.tynt.com
162.0.238.90
167.114.209.61
172.64.151.83
2606:4700:10::6816:4aab
2606:4700:20::681a:407
51.79.251.183
67.202.105.31
67.202.105.33
0343e17fd722223df88b8c5313333355714ba4f8d12c201deb7c5d24ac26a460
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2a8cdfc7a0ca34ae559e9ab26415dcd72600f072cec0eeddb4fb960d8075985a
471fe7c33b2ac6fccc2200b7ecbf2db41349a7ae218afe24f204cb84fc5a550f
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
9f8968ee29db013d3ca07ebd96548e3cafc511d6f9ed2614adc889cade87d374
b1d3d6097907be9c4730892b74c227e857dbaedd28c8480d52d51d17dbcb054c
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c44e570faaa2a506c4c7831ac471a092a9b8c1263366ae094fa15f900c4f5474
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d379630f9694c5d1b89c52020420a824457ef5fc0e3daae1dd101a226c61ec90
df8e91e89e60f25adb96a11a4d5b8a42da3fa2707da4da009947dc4d092ba3ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
f4b9a6dbfa5227b87174a8cbe05826732c50c88a4f527dc40aa80b8dc867b889
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac