yourskoolers.com Open in urlscan Pro
46.101.9.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wedo.ee/O9AASiQUIY
Effective URL:
https://yourskoolers.com/Ht/freedom.php
Submission Tags: falconsandbox
Submission: On October 22 via api (October 22nd 2020, 9:47:41 pm UTC) from US

Summary HTTP 48 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 48 HTTP transactions. The main IP is 46.101.9.252, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is yourskoolers.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 19th 2020. Valid for: 3 months.

This is the only time yourskoolers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.15.226.226 51.15.226.226	12876 (Online SAS) (Online SAS)
1	69.163.227.111 69.163.227.111	26347 (DREAMHOST-AS) (DREAMHOST-AS)
12 51	46.101.9.252 46.101.9.252	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	72.247.179.105 72.247.179.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
48	3

1 51.15.226.226 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 226-226-15-51.instances.scw.cloud

wedo.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.163.227.111 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-vat.fields.dreamhost.com

www.arikmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 46.101.9.252 (London, United Kingdom) 12 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

yourskoolers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 72.247.179.105 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a72-247-179-105.deploy.static.akamaitechnologies.com

www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	yourskoolers.com 12 redirects yourskoolers.com	610 KB
8	huntington.com www.huntington.com	132 KB
1	arikmedia.com www.arikmedia.com	426 B
1	wedo.ee 1 redirects wedo.ee	453 B
48	4

	Domain	Requested by
51	yourskoolers.com	12 redirects www.arikmedia.com yourskoolers.com
8	www.huntington.com	yourskoolers.com
1	www.arikmedia.com
1	wedo.ee	1 redirects
48	4

This site contains links to these domains. Also see Links.

Domain
outdatedbrowser.com
www.huntington.com
huntington-ir.com
cms.huntington.com
huntingtoncc.fdecs.com
escrowsolutions.huntington.com
myapps.paychex.com
ht.businessonlinepayroll.com
investor.wealthscape.com
huntington.customercarenet.com
login2.fisglobal.com
secure.newportgroup.com
www.govone.com
players.brightcove.net
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
yourskoolers.com Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
huntington.com GeoTrust EV RSA CA 2018	`2020-07-08` - `2022-07-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://yourskoolers.com/Ht/freedom.php
Frame ID: D31F49006A2249975191A0CC18E63453
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://wedo.ee/O9AASiQUIY HTTP 301
http://www.arikmedia.com//redirect.php Page URL
https://yourskoolers.com/Ht/freedom.php Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

48
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

741 kB
Transfer

1388 kB
Size

0
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: http://outdatedbrowser.com/
Title: Upgrade your browser

Search URL Search Domain Scan URL

URL: https://www.huntington.com/

Search URL Search Domain Scan URL

URL: https://www.huntington.com/mobile-login
Title:

Search URL Search Domain Scan URL

URL: https://www.huntington.com/customer-service
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Community
Title: Community

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security
Title: Security

Search URL Search Domain Scan URL

URL: https://www.huntington.com/branchlocator
Title: Find a branch

Search URL Search Domain Scan URL

URL: https://www.huntington.com/private-bank
Title: Private Bank

Search URL Search Domain Scan URL

URL: https://www.huntington.com/SmallBusiness
Title: Business

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www.huntington.com/About-Us
Title: About Us

Search URL Search Domain Scan URL

URL: http://huntington-ir.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.huntington.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.huntington.com/site_map
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/privacy-policies
Title: Privacy Policies

Search URL Search Domain Scan URL

URL: https://www.huntington.com/email
Title: Email Updates

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/routing-number
Title: Routing Numbers

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Commercial/online-services
Title: Learn More

Search URL Search Domain Scan URL

URL: https://cms.huntington.com/
Title: Asset Based Lending

Search URL Search Domain Scan URL

URL: https://huntingtoncc.fdecs.com/
Title: Commercial eCustomerService

Search URL Search Domain Scan URL

URL: https://escrowsolutions.huntington.com/aews
Title: Escrow Solutions

Search URL Search Domain Scan URL

URL: https://myapps.paychex.com/landing_remote/login.do?TYPE=33554433&REALMOID=06-fd3ba6b8-7a2f-1013-ba03-83af2ce30cb3&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=09PZJoiHr8jiAF1z4DL6SopY5OyRzoKSeZ4yIhpJe7nkRdeIwtlMrg0rd7X3FRDM&TARGET=-SM-https%3a%2f%2fmyapps.paychex.com%2f
Title: Payroll - Paychex

Search URL Search Domain Scan URL

URL: https://ht.businessonlinepayroll.com/SPF/login/ee_auth.aspx
Title: Payroll - SurePayroll

Search URL Search Domain Scan URL

URL: https://investor.wealthscape.com/huntington/
Title: Online Investments

Search URL Search Domain Scan URL

URL: https://huntington.customercarenet.com/ccn/huntington/mymortgage.html
Title: Online Mortgages

Search URL Search Domain Scan URL

URL: https://login2.fisglobal.com/idp/HUNTRPWL/?ClientID=WebLinkUI
Title: Online Trust

Search URL Search Domain Scan URL

URL: https://secure.newportgroup.com/login/huntington/participant
Title: Retirement Connection

Search URL Search Domain Scan URL

URL: https://www.govone.com/TPP/huntington/Account/Logon
Title: Smart Tax

Search URL Search Domain Scan URL

URL: https://www.huntington.com/coronavirus/recent?icmpid=coronavirus:latest_response_to_the_coronavirus:top_gray_banner
Title: Learn More ›

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking
Title: Personal Checking Accounts Our checking account options each come with Huntington Heads Up®1 and other digital tools to help you stay on financial track.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/savings-goal-getter
Title: Reach Your Savings Goals You set the savings goal and we’ll help track your progress along the way with Savings Goal GetterSM.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/pre-approval-mortgage
Title: Mortgage Pre-Approval Show sellers your purchasing power by getting pre-approved for a mortgage before house hunting.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Budget/finances-ready-for-emergency
Title: Financial emergency? Here's what you can do. A bit of planning can help protect you when the unexpected happens.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Buy/tips-for-first-time-homebuyers/finding-a-real-estate-agent
Title: Find a real estate agent who's right for you. You want more than a series of listings—here’s what to look for.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Payoff/steps-strategies-to-get-out-of-debt-end-stress
Title: These steps can help cut debt - and stress. When debt balloons, it overwhelms. These steps can help reduce the anxiety.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Invest/benefits-of-investing-early
Title: Small investments now can pay off big later. Big goals require big savings, but you can get there with modest monthly contributions, if you get started now.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Budget/finances-ready-for-emergency/earning-ideas-cash-infusion
Title: Earning ideas for a cash infusion. Looking to seed an emergency fund or cover a surprise expense? Get a boost.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Borrow/how-much-college-debt
Title: How much college debt is worth taking on? There’s no magic formula for deciding, but these tips might help focus your thinking.

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life
Title: Browse All Articles

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mobile-banking/mobile-apps
Title: huntington.com/MobileApp

Search URL Search Domain Scan URL

URL: https://www.huntington.com/-/media/pdf/tax-fraud-tipsheet-consumer.pdf?rev=b92048e5ae264c2f9f00adec0bf83525

Search URL Search Domain Scan URL

URL: https://players.brightcove.net/1317241590001/default_default/index.html?videoId=6129247932001

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Invest/benefits-of-investing-early/guide-micro-investing-apps

Search URL Search Domain Scan URL

URL: https://www.huntington.com/life/Save/reducing-stress-living-paycheck-to-paycheck

Search URL Search Domain Scan URL

URL: https://players.brightcove.net/1317241590001/BJgwCdWD5W_default/index.html?videoId=6054365460001

Search URL Search Domain Scan URL

URL: https://players.brightcove.net/1317241590001/BJgwCdWD5W_default/index.html?videoId=6054375084001

Search URL Search Domain Scan URL

URL: https://players.brightcove.net/1317241590001/BJgwCdWD5W_default/index.html?videoId=5859888744001

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HuntingtonBank
Title: Visit Huntington's Facebook page

Search URL Search Domain Scan URL

URL: https://twitter.com/Huntington_Bank
Title: Visit Huntington's Twitter feed

Search URL Search Domain Scan URL

URL: https://www.instagram.com/huntingtonbank/?hl=en
Title: Visit Huntington's Instagram page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HuntingtonBank
Title: Visit Huntington's YouTube page

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntington-national-bank
Title: Visit Huntington's LinkedIn page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wedo.ee/O9AASiQUIY HTTP 301
http://www.arikmedia.com//redirect.php Page URL
https://yourskoolers.com/Ht/freedom.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://wedo.ee/O9AASiQUIY HTTP 301
http://www.arikmedia.com//redirect.php

Request Chain 35

https://yourskoolers.com/fonts/HuntingtonApexWeb-Bold.woff2 HTTP 301
https://yourskoolers.com/fonts/HuntingtonApexWeb-Bold.woff2/

Request Chain 36

https://yourskoolers.com/fonts/muli-v11-latin-300.woff2 HTTP 301
https://yourskoolers.com/fonts/muli-v11-latin-300.woff2/

Request Chain 37

https://yourskoolers.com/fonts/muli-v11-latin-700.woff2 HTTP 301
https://yourskoolers.com/fonts/muli-v11-latin-700.woff2/

Request Chain 38

https://yourskoolers.com/fonts/muli-v11-latin-600.woff2 HTTP 301
https://yourskoolers.com/fonts/muli-v11-latin-600.woff2/

Request Chain 39

https://yourskoolers.com/fonts/HuntingtonApexWeb-Medium.woff2 HTTP 301
https://yourskoolers.com/fonts/HuntingtonApexWeb-Medium.woff2/

Request Chain 40

https://yourskoolers.com/fonts/HuntingtonApexWeb-Book.woff2 HTTP 301
https://yourskoolers.com/fonts/HuntingtonApexWeb-Book.woff2/

Request Chain 41

https://yourskoolers.com/fonts/HuntingtonApexWeb-Bold.woff HTTP 301
https://yourskoolers.com/fonts/HuntingtonApexWeb-Bold.woff/

Request Chain 42

https://yourskoolers.com/fonts/muli-v11-latin-700.woff HTTP 301
https://yourskoolers.com/fonts/muli-v11-latin-700.woff/

Request Chain 43

https://yourskoolers.com/fonts/muli-v11-latin-600.woff HTTP 301
https://yourskoolers.com/fonts/muli-v11-latin-600.woff/

Request Chain 44

https://yourskoolers.com/fonts/HuntingtonApexWeb-Book.woff HTTP 301
https://yourskoolers.com/fonts/HuntingtonApexWeb-Book.woff/

Request Chain 45

https://yourskoolers.com/fonts/muli-v11-latin-300.woff HTTP 301
https://yourskoolers.com/fonts/muli-v11-latin-300.woff/

Request Chain 46

https://yourskoolers.com/fonts/HuntingtonApexWeb-Medium.woff HTTP 301
https://yourskoolers.com/fonts/HuntingtonApexWeb-Medium.woff/

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

redirect.php Show response
www.arikmedia.com//
Redirect Chain

https://wedo.ee/O9AASiQUIY
http://www.arikmedia.com//redirect.php

77 B
426 B

509ms
311ms

Document
text/html

69.163.227.111
DREAMHOST-AS

General

yourskoolers.com Open in urlscan Pro 46.101.9.252 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

4 Countries

741 kBTransfer

1388 kBSize

0 Cookies

52 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

yourskoolers.com Open in urlscan Pro
46.101.9.252 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

741 kB
Transfer

1388 kB
Size

0
Cookies

48 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!