yhager.gq Open in urlscan Pro
162.240.215.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yhager.gq/
Submission: On August 16 via manual (August 16th 2022, 11:41:59 pm UTC) from US — Scanned from US

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 162.240.215.126, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is yhager.gq.
TLS certificate: Issued by R3 on July 23rd 2022. Valid for: 3 months.

This is the only time yhager.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
25	162.240.215.126 162.240.215.126	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2

25 162.240.215.126 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 5997019.thweert.gq

yhager.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	yhager.gq yhager.gq	382 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 951	156 KB
28	2

	Domain	Requested by
25	yhager.gq	yhager.gq
3	use.fontawesome.com	yhager.gq use.fontawesome.com
28	2

This site contains no links.

Subject Issuer	Validity	Valid
www.yhager.gq R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://yhager.gq/
Frame ID: 599EAB57BDD6019852B0A9D135E24364
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alaska USA services for you

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

538 kB
Transfer

575 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response yhager.gq/	29 KB 30 KB	766ms 75ms	Document text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `7ceff7c3c0e76740c68d5ef1774b3e70f40ef6d8e6fe93cc8f7382ba941af74b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes content-length 30080 content-type text/html date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 16 Aug 2021 21:40:10 GMT server Apache
GET H2	200	akusafonts.css yhager.gq/css/	5 KB 5 KB	70ms 68ms	Stylesheet text/css	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/akusafonts.css?20210416161 Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `b4a84fc6b3a35fd055ecf159c5e59890ee5e79a988b4e161c2584e3240904cb3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 16 Aug 2021 21:23:52 GMT server Apache accept-ranges bytes content-length 4740 content-type text/css
GET H2	200	akusa-base.css yhager.gq/css/	32 KB 33 KB	70ms 69ms	Stylesheet text/css	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/akusa-base.css?20210416161 Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `e9b3978ae91478bded1d4b12557e4de3933e6b6f9f62b5cba08d5aeb0e6aa9f2` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:29:10 GMT server Apache accept-ranges bytes content-length 33028 content-type text/css
GET H2	200	akusa-desktop.css yhager.gq/css/	21 KB 21 KB	114ms 113ms	Stylesheet text/css	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/akusa-desktop.css?20210416161 Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `ea47bcf05c1c3d327517090e7f8e5ea2415d953f2bf3c1b4b178e2ed593df135` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 16 Aug 2021 21:27:30 GMT server Apache accept-ranges bytes content-length 21565 content-type text/css
GET H2	200	slick.css yhager.gq/css/	4 KB 4 KB	114ms 113ms	Stylesheet text/css	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/slick.css Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `ecfa1060f4c3397489c7ca17004e0ddea9c95c445ce5201e0a76b69a7ec72519` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:27:48 GMT server Apache accept-ranges bytes content-length 3799 content-type text/css
GET H2	200	akusa-home.css yhager.gq/css/	7 KB 7 KB	114ms 113ms	Stylesheet text/css	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/akusa-home.css Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `0ef893adaa4ab7f69983c3bcf93471076c515f56441e216d83773bd5f160bc11` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:29:10 GMT server Apache accept-ranges bytes content-length 6690 content-type text/css
GET H2	200	all.css use.fontawesome.com/releases/v5.7.0/css/	53 KB 12 KB	125ms 81ms	Stylesheet text/css	2606:4700:3033::6815:3f36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.0/css/all.css Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae` Request headers Referer https://yhager.gq/ Origin https://yhager.gq accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:53 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 504N76J3SEDN5D2Q access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 quaqhnMX3m0EMfhhXTPgVXOZLlOxs6LkcJo0Oyr/eECZ3a3iZiiNW5EcRDz/g90p7MKoxnSSWIU= last-modified Wed, 30 Jun 2021 15:45:15 GMT server cloudflare etag W/"251d28bd755f5269a4531df8a81d5664" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDDZbe3dEun%2Fg4h1KRc3Itd5PKsKncs9%2Bvo4Thbf6mnMbZCaQ%2B2xGQf65%2BJZdNgJ4MiziefKX8k1uH5LX1NPA2oZnKVlOMw70PnA7lz7VR2PXjZLcRZiTVaikzis5%2FGqYZgA6gxTmGFTqTkYDWX99R9i"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 73be05f73f551791-EWR
GET H2	200	akusafcu_logo.png yhager.gq/images/	16 KB 16 KB	163ms 163ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/akusafcu_logo.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 09 Aug 2021 18:34:14 GMT server Apache accept-ranges bytes content-length 16314 content-type image/png
GET H2	200	Background-Photo_auibQ2.jpg yhager.gq/images//	54 KB 54 KB	141ms 139ms	Image image/jpeg	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images//Background-Photo_auibQ2.jpg Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `f9a1b6058c2ff0defcc32a3bdf41a813c9e759f37a2d7f719e69bedff745f169` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:18:54 GMT server Apache accept-ranges bytes content-length 54931 content-type image/jpeg
GET H2	404	auibQ2_floater.png yhager.gq/images/	315 B 315 B	137ms 136ms	Image text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/auibQ2_floater.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	20969-FPIS.jpg yhager.gq/images/	315 B 315 B	140ms 138ms	Image text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/20969-FPIS.jpg Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	20969-FPIS-Floating-Banner.png yhager.gq/images/	315 B 315 B	139ms 138ms	Image text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/20969-FPIS-Floating-Banner.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	20713-NADA-Background-Bnr-0820.jpg yhager.gq/images/	93 KB 93 KB	140ms 139ms	Image image/jpeg	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/20713-NADA-Background-Bnr-0820.jpg Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `b8ce2661c681e99678f9005f3641197c0dce7579c61624e528c71e4e683042aa` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:20:34 GMT server Apache accept-ranges bytes content-length 95027 content-type image/jpeg
GET H2	200	20713-NADA-Floating-Banner.png yhager.gq/images/	10 KB 11 KB	139ms 138ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/20713-NADA-Floating-Banner.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `c0a586167b9fcc911c0688cf356973153d51d57dcb909a671f92c9c198d3d611` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:21:42 GMT server Apache accept-ranges bytes content-length 10688 content-type image/png
GET H2	404	Background-Photo_paypal.jpg yhager.gq/images/	315 B 315 B	137ms 136ms	Image text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/Background-Photo_paypal.jpg Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	Paypal_floater.png yhager.gq/images/	70 KB 70 KB	137ms 136ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/Paypal_floater.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `2e7c0c05ccdc6f730310f1bc9477aa87364fb7b31625aad63005f84029b15a00` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:29:12 GMT server Apache accept-ranges bytes content-length 71252 content-type image/png
GET H2	200	warning.png yhager.gq/images/	1 KB 1 KB	129ms 129ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/warning.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:24:32 GMT server Apache accept-ranges bytes content-length 1249 content-type image/png
GET H2	200	learn.png yhager.gq/images/	3 KB 3 KB	130ms 129ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/learn.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `23f614c53e35afae28a843e1ff6bde539f5c74b5725c62b3f6e2c8f439e4bc3c` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:24:40 GMT server Apache accept-ranges bytes content-length 3001 content-type image/png
GET H2	200	ncua.png yhager.gq/images/	4 KB 4 KB	129ms 128ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/ncua.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:29:12 GMT server Apache accept-ranges bytes content-length 4280 content-type image/png
GET H2	200	EHL.png yhager.gq/images/	3 KB 3 KB	129ms 129ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/EHL.png Requested by Host: yhager.gq URL: https://yhager.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 19 Apr 2021 05:29:12 GMT server Apache accept-ranges bytes content-length 3317 content-type image/png
GET H2	200	header_bg.png yhager.gq/images/	8 KB 8 KB	74ms 73ms	Image image/png	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/header_bg.png Requested by Host: yhager.gq URL: https://yhager.gq/css/akusa-desktop.css?20210416161 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/css/akusa-desktop.css?20210416161 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 16 Aug 2021 21:26:54 GMT server Apache accept-ranges bytes content-length 8058 content-type image/png
GET H2	404	navSprites.png yhager.gq/images/	315 B 315 B	74ms 74ms	Image text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/images/navSprites.png Requested by Host: yhager.gq URL: https://yhager.gq/css/akusa-desktop.css?20210416161 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/css/akusa-desktop.css?20210416161 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	navSprites.png yhager.gq/css/nav/	315 B 315 B	75ms 74ms	Image text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://yhager.gq/css/nav/navSprites.png Requested by Host: yhager.gq URL: https://yhager.gq/css/slick.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer https://yhager.gq/css/slick.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	PTN57F-webfont.woff yhager.gq/css/fonts/PTSans/ptsansnarrow_regular_macroman/	0 0	75ms 75ms	Font text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.woff Requested by Host: yhager.gq URL: https://yhager.gq/css/akusafonts.css?20210416161 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash Request headers Referer https://yhager.gq/css/akusafonts.css?20210416161 Origin https://yhager.gq accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.7.0/webfonts/	73 KB 73 KB	83ms 82ms	Font font/woff2	2606:4700:3033::6815:3f36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d` Request headers Referer https://use.fontawesome.com/releases/v5.7.0/css/all.css Origin https://yhager.gq accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:53 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 504Y8AYRNVFMHE6J alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 74316 x-amz-id-2 gdFMtyBSkOGhw7LnPRKyXY7RYkd9PaJiC6xqnq0trAhbKA2lDueqiVRyWa803NzGzWfcKkqxNL0= last-modified Wed, 30 Jun 2021 15:45:37 GMT server cloudflare etag "52134b924fd61958f88323845deffc64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pXFa6PdHayTC8e6lo3pUNMQyi2iMnknQ8wRrGoCimzJur32NTQB3T3aKUwHHjoKG%2BNHPzD0rl1SQqoUzm6PQm6I%2FxzQ1yyTkgHu%2FTL8%2B%2F8KdBIdbccoHSsv00jJ5FpWGE4Gxs%2FPz%2FVSrGyaUx5XB7Fm"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 73be05f829211791-EWR
GET H2	200	AkusaIcon.ttf yhager.gq/css/fonts/	17 KB 18 KB	74ms 73ms	Font font/ttf	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/fonts/AkusaIcon.ttf?d7g0bl Requested by Host: yhager.gq URL: https://yhager.gq/css/akusafonts.css?20210416161 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash `ba5f038189c5d0831fad29ca4a0720e57fe047eee71de176a087f571cb2da61d` Request headers Referer https://yhager.gq/css/akusafonts.css?20210416161 Origin https://yhager.gq accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT last-modified Mon, 16 Aug 2021 21:21:16 GMT server Apache accept-ranges bytes content-length 17752 content-type font/ttf
GET H2	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.7.0/webfonts/	70 KB 71 KB	105ms 105ms	Font font/woff2	2606:4700:3033::6815:3f36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-brands-400.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed7514b6c3a5fdc386bff4dcccaee5e0c72e83cf31f90ff5ac4fb70e33fb6857` Request headers Referer https://use.fontawesome.com/releases/v5.7.0/css/all.css Origin https://yhager.gq accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:53 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 504SWWWZA9V2ENFG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 72120 x-amz-id-2 5caXaEBm1riEr4bOJPlDiY2i4yXdAEOAZvciYZmzTutoWaps99eYPFTmoh+pM2Jv203pBIw6xnI= last-modified Wed, 30 Jun 2021 15:45:36 GMT server cloudflare etag "ae990e80be9a9904db60b0d3d06adbc1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsUFE8utj0%2FvjCW7AePD3NpbGw8p8Gws1XiYarQrKKrMwu76iQpQ5RmaxuldyLeyL%2F%2B5wy8nsOeGuR0f%2BvrjRluAyD%2BW5fNUiOZx7oUVJEVB9CmNgUrQzomcIvCb%2BxXZm8ey4ZUtg6jyoB7k6BAx2%2BXA"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 73be05f829251791-EWR
GET H2	404	PTN57F-webfont.ttf yhager.gq/css/fonts/PTSans/ptsansnarrow_regular_macroman/	0 0	66ms 66ms	Font text/html	162.240.215.126 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://yhager.gq/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.ttf Requested by Host: yhager.gq URL: https://yhager.gq/css/akusafonts.css?20210416161 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.240.215.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 5997019.thweert.gq Software Apache / Resource Hash Request headers Referer https://yhager.gq/css/akusafonts.css?20210416161 Origin https://yhager.gq accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Tue, 16 Aug 2022 23:41:52 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yhager.gq/images/auibQ2_floater.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/images/Background-Photo_paypal.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/images/20969-FPIS-Floating-Banner.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/images/20969-FPIS.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/images/navSprites.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/css/nav/navSprites.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yhager.gq/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

use.fontawesome.com
yhager.gq
162.240.215.126
2606:4700:3033::6815:3f36
0ef893adaa4ab7f69983c3bcf93471076c515f56441e216d83773bd5f160bc11
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
23f614c53e35afae28a843e1ff6bde539f5c74b5725c62b3f6e2c8f439e4bc3c
2e7c0c05ccdc6f730310f1bc9477aa87364fb7b31625aad63005f84029b15a00
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
7ceff7c3c0e76740c68d5ef1774b3e70f40ef6d8e6fe93cc8f7382ba941af74b
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b4a84fc6b3a35fd055ecf159c5e59890ee5e79a988b4e161c2584e3240904cb3
b8ce2661c681e99678f9005f3641197c0dce7579c61624e528c71e4e683042aa
ba5f038189c5d0831fad29ca4a0720e57fe047eee71de176a087f571cb2da61d
c0a586167b9fcc911c0688cf356973153d51d57dcb909a671f92c9c198d3d611
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
e9b3978ae91478bded1d4b12557e4de3933e6b6f9f62b5cba08d5aeb0e6aa9f2
ea47bcf05c1c3d327517090e7f8e5ea2415d953f2bf3c1b4b178e2ed593df135
ecfa1060f4c3397489c7ca17004e0ddea9c95c445ce5201e0a76b69a7ec72519
ed7514b6c3a5fdc386bff4dcccaee5e0c72e83cf31f90ff5ac4fb70e33fb6857
f9a1b6058c2ff0defcc32a3bdf41a813c9e759f37a2d7f719e69bedff745f169

yhager.gq Open in urlscan Pro 162.240.215.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

538 kBTransfer

575 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

yhager.gq Open in urlscan Pro
162.240.215.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

538 kB
Transfer

575 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!