pdfmoney.com Open in urlscan Pro
2606:4700:3031::681f:5cbb Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pdfmoney.com/.well-known/alasika093/?U3XLE
Submission Tags: @jcybersec_
Submission: On June 10 via api (June 10th 2020, 8:45:29 pm UTC) from GB

Summary HTTP 38 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3031::681f:5cbb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pdfmoney.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2020. Valid for: a year.

This is the only time pdfmoney.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information

	IP Address		AS Autonomous System
38	2606:4700:303... 2606:4700:3031::681f:5cbb		13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	1

38 2606:4700:3031::681f:5cbb (United States)

ASN13335 (CLOUDFLARENET, US)

pdfmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	pdfmoney.com pdfmoney.com	799 KB
38	1

	Domain	Requested by
38	pdfmoney.com	pdfmoney.com
38	1

This site contains links to these domains. Also see Links.

Domain
login.alaskausa.org
www.alaskausa.org
go.alaskausa.org
www.youtube.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pdfmoney.com/.well-known/alasika093/?U3XLE
Frame ID: 8B04C2B602F7592DF16123EBCBF81FA4
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

38
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

799 kB
Transfer

1188 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://login.alaskausa.org/efs/ultrabranch/ForgotPAC
Title: Forgot Login

Search URL Search Domain Scan URL

URL: https://www.alaskausa.org/enroll
Title: Enroll

Search URL Search Domain Scan URL

URL: https://go.alaskausa.org/learn
Title: Build Your Financial Know-How Articles, videos, and tips to help you plan for your financial future

Search URL Search Domain Scan URL

URL: https://www.youtube.com/AlaskaUSAFCU
Title: Alaska USA on YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AlaskaUSAFCU
Title: Facebook iconFacebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/alaska-usa-federal-credit-union
Title: LinkedIn iconLinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/alaskausa
Title: Twitter iconTwitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/alaskausafcu/
Title: InstagramInstagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response pdfmoney.com/.well-known/alasika093/	143 KB 17 KB	554ms 514ms	Document text/html	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e10945e24b5e30c82ec5201677e730eb261c51a06dd808265c1a258a8cd26863` Request headers :method GET :authority pdfmoney.com :scheme https :path /.well-known/alasika093/?U3XLE pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Wed, 10 Jun 2020 20:45:07 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d4a905227222b18a07462282027514aec1591821907; expires=Fri, 10-Jul-20 20:45:07 GMT; path=/; domain=.pdfmoney.com; HttpOnly; SameSite=Lax cf-cache-status DYNAMIC cf-request-id 034193cc3100000742102e9200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5a15ef26baa90742-FRA content-encoding br
GET H2	200	akusafonts74d1.css pdfmoney.com/.well-known/alasika093/css/	4 KB 1004 B	476ms 474ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/akusafonts74d1.css?20181128 Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4446f75d0c8f1c2ddf279a1906fe2f180bd1ec6947c3429d112473c99989c71d` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:08 GMT content-encoding br cf-cache-status MISS last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde0a0742-FRA cf-request-id 034193d00a0000074210339200000001
GET H2	200	akusa-base.css pdfmoney.com/.well-known/alasika093/css/	31 KB 8 KB	13ms 12ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/akusa-base.css Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `904cd9838fb672adb5bd6c0d893d3c00920bb50f9774b71790b1017b4e42b2e5` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde0d0742-FRA cf-request-id 034193d00a000007421033a200000001
GET H2	200	akusa-phone.css pdfmoney.com/.well-known/alasika093/css/	17 KB 5 KB	17ms 17ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/akusa-phone.css Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `083575b88f2fce93be0b45e4d9c8f928ccea5bd669abfb88e959fe5df8b9f6e2` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde140742-FRA cf-request-id 034193d00b000007421033e200000001
GET H2	200	akusa-desktop.css pdfmoney.com/.well-known/alasika093/css/	20 KB 6 KB	15ms 14ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/akusa-desktop.css Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `27e4a6a16d9236696abb5a8f479dd8f86f9a92e8db6b2c759d0f1123be388877` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde0e0742-FRA cf-request-id 034193d00b000007421033b200000001
GET H2	200	akusa-print.css pdfmoney.com/.well-known/alasika093/css/	427 B 360 B	12ms 11ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/akusa-print.css Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b8d3ba1d2278fadfc8ea7e17c4babe8b3d8c629b2e7e3e33690ee94e182cd79e` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde160742-FRA cf-request-id 034193d00b000007421033f200000001
GET H2	200	slick.css pdfmoney.com/.well-known/alasika093/css/	3 KB 960 B	14ms 13ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/slick.css Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bd1af540376e5bcb655608774e16f5d84baa5a339a9ac2799a1bbaad058a36c` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde110742-FRA cf-request-id 034193d00b000007421033c200000001
GET H2	200	akusa-home.css pdfmoney.com/.well-known/alasika093/css/	6 KB 2 KB	18ms 17ms	Stylesheet text/css	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/css/akusa-home.css Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c0db8b02b367b0a0a825d7b53e089d070675e46f495e248b501a7688774e7c5` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5a15ef2cde130742-FRA cf-request-id 034193d00b000007421033d200000001
GET H2	200	jquery-1.11.3.min.js Show response pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/	94 KB 32 KB	23ms 22ms	Script application/javascript	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery-1.11.3.min.js Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5a15ef2cee230742-FRA cf-request-id 034193d00d0000074210340200000001
GET H2	200	jsSuite-1.9.5.js Show response pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/	60 KB 19 KB	23ms 23ms	Script application/javascript	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jsSuite-1.9.5.js Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `112768a21be11d1b92cbdd81296364346fd65ee195c5b53ef75111b793b2131e` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5a15ef2cee260742-FRA cf-request-id 034193d00e0000074210341200000001
GET H2	200	jquery.accAccordion.js Show response pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/	7 KB 2 KB	12ms 11ms	Script application/javascript	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery.accAccordion.js Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4344cb40e693493948aadabd722ffe55c01398ac6ecf063bb6860cba5654912` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5a15ef2cee290742-FRA cf-request-id 034193d00e0000074210342200000001
GET H2	200	jquery.leanModal.AKUSA.2.1.js Show response pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/	11 KB 4 KB	23ms 22ms	Script application/javascript	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery.leanModal.AKUSA.2.1.js Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1479b9729af793ebffa6c5076a19eec691a2047ad212fd461b7fbe29c8831793` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5a15ef2cee2f0742-FRA cf-request-id 034193d00e0000074210343200000001
GET H2	200	slick.181.js Show response pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery/slick/	90 KB 15 KB	15ms 15ms	Script application/javascript	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery/slick/slick.181.js Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52971357358c85dd78615a755652e08630d5963aaa68ded0873f1efb9df4ee25` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT content-encoding br cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5a15ef2cee3c0742-FRA cf-request-id 034193d0100000074210344200000001
GET H2	200	akusafcu_logo.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/	16 KB 16 KB	14ms 10ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/akusafcu_logo.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee470742-FRA content-length 16228 cf-request-id 034193d0120000074210345200000001
GET H2	200	Q3-Background-Photos-Blue.jpg pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	64 KB 64 KB	25ms 21ms	Image image/jpeg	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/Q3-Background-Photos-Blue.jpg Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5bf9db11eaad113f8b70430b03bc111ebd7d13e87a150899afcb72e7885b7151` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee4d0742-FRA content-length 65873 cf-request-id 034193d0120000074210346200000001
GET H2	200	Q3-Floating-Banner-Blue.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	38 KB 38 KB	31ms 27ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/Q3-Floating-Banner-Blue.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `45334c39a6ca18a5fde4f0b28fc2c917f0fe3689dd0973edb6a395a1087d3f12` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:08 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee4e0742-FRA content-length 39075 cf-request-id 034193d0120000074210347200000001
GET H2	200	Q3-Background-Photos-Green.jpg pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	49 KB 49 KB	22ms 19ms	Image image/jpeg	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/Q3-Background-Photos-Green.jpg Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `718e0970b2242e2b2ba6a58d0a1a3f0abb41b32e08fbd2e6c9c3029759ee2abe` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee510742-FRA content-length 49975 cf-request-id 034193d0120000074210348200000001
GET H2	200	Q3-Floating-Banner-green.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	38 KB 38 KB	15ms 11ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/Q3-Floating-Banner-green.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7a47fb3710a0501d0833991bc2875a807f4705699d1ff3368b0b3ade6456a5b` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee530742-FRA content-length 38758 cf-request-id 034193d0120000074210349200000001
GET H2	200	Q3-Background-Photos-Yellow.jpg pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	58 KB 58 KB	19ms 16ms	Image image/jpeg	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/Q3-Background-Photos-Yellow.jpg Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a010faad9f252201c7c5096a6e781f7a70add7237814ed08365a09f087270483` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee570742-FRA content-length 58909 cf-request-id 034193d013000007421034a200000001
GET H2	200	Q3-Floating-Banner-yellow.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	38 KB 38 KB	21ms 17ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/Q3-Floating-Banner-yellow.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2adbd54978e8c18e98f509b9c99d935c676faaa994f89aa3de66770a0f890206` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee590742-FRA content-length 39081 cf-request-id 034193d013000007421034b200000001
GET H2	200	billpay.jpg pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	66 KB 66 KB	19ms 16ms	Image image/jpeg	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/billpay.jpg Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e366fcc3c86290a396c5997317c157dc86ed3a64481972d2381b0a5f97c94668` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee5a0742-FRA content-length 67249 cf-request-id 034193d013000007421034c200000001
GET H2	200	billpay_float.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/	7 KB 7 KB	14ms 11ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/billpay_float.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d27b37574d2d3dcad6a7dd41079ebe2fbe5faf71c63c5805fea3b7cd72ad754` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee5b0742-FRA content-length 6985 cf-request-id 034193d013000007421034d200000001
GET H2	200	Great_Rates.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	3 KB 3 KB	19ms 16ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/Great_Rates.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9bbcdf829b5aa64649daf841121e4f202aca979b883869cb9162b19ee16c45d6` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee5c0742-FRA content-length 3033 cf-request-id 034193d013000007421034e200000001
GET H2	200	24_7.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	3 KB 3 KB	23ms 21ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/24_7.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `42a60c275762c54d2609fc3f4c3e92b890438a13544acedb78acc1429a6f75e8` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee5d0742-FRA content-length 3463 cf-request-id 034193d013000007421034f200000001
GET H2	200	Safeguard.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	3 KB 3 KB	19ms 16ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/Safeguard.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bced0264cfd64147a011c2df12645beb5728e815bdcb5ee5b87965c005ede9de` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee5e0742-FRA content-length 2918 cf-request-id 034193d0130000074210350200000001
GET H2	200	House.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	2 KB 2 KB	18ms 15ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/House.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `840b945fdae9b827d3eeec3047c593b98fdcd6d4b08845fb25ba4c00ed5e4d60` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee5f0742-FRA content-length 2115 cf-request-id 034193d0130000074210351200000001
GET H2	200	Credit_Card.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	2 KB 2 KB	20ms 18ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/Credit_Card.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0f8a809653dccad6b1246b84439448d9b4be08ebdabf504b6b7d2dcc43b1fe6d` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee610742-FRA content-length 1842 cf-request-id 034193d0130000074210352200000001
GET H2	200	ClickSWITCH.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	4 KB 4 KB	19ms 17ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ClickSWITCH.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70e0c0741152cb9d4ac39ca288aae9fa555a215e752681ddba397861cf4e9f57` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee630742-FRA content-length 3750 cf-request-id 034193d0130000074210353200000001
GET H2	200	learn.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/	3 KB 3 KB	20ms 18ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/learn.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23f614c53e35afae28a843e1ff6bde539f5c74b5725c62b3f6e2c8f439e4bc3c` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee650742-FRA content-length 3001 cf-request-id 034193d0130000074210354200000001
GET H2	200	ncua.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/	4 KB 4 KB	17ms 15ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/ncua.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee660742-FRA content-length 4280 cf-request-id 034193d0130000074210355200000001
GET H2	200	EHL.png pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/	3 KB 3 KB	20ms 18ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/EHL.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:07 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2cee670742-FRA content-length 3317 cf-request-id 034193d0130000074210356200000001
GET H2	200	header_bg.png pdfmoney.com/.well-known/alasika093/images/	8 KB 8 KB	11ms 11ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/images/header_bg.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6` Request headers Referer https://pdfmoney.com/.well-known/alasika093/css/akusa-desktop.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:08 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2fefd60742-FRA content-length 8058 cf-request-id 034193d1f0000007421037c200000001
GET H2	200	navSprites.png pdfmoney.com/.well-known/alasika093/images/	14 KB 14 KB	11ms 11ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/images/navSprites.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019` Request headers Referer https://pdfmoney.com/.well-known/alasika093/css/akusa-desktop.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:08 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2fefd70742-FRA content-length 14383 cf-request-id 034193d1f0000007421037d200000001
GET H2	200	homeSprites.png pdfmoney.com/.well-known/alasika093/images/	186 KB 186 KB	13ms 13ms	Image image/png	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/images/homeSprites.png Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c` Request headers Referer https://pdfmoney.com/.well-known/alasika093/css/akusa-desktop.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:08 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2fefdb0742-FRA content-length 190407 cf-request-id 034193d1f1000007421037e200000001
GET H2	200	PTN57F-webfont.woff pdfmoney.com/.well-known/alasika093/fonts/	25 KB 25 KB	15ms 15ms	Font font/woff	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/fonts/PTN57F-webfont.woff Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pdfmoney.com/.well-known/alasika093/css/akusafonts74d1.css?20181128 Origin https://pdfmoney.com Response headers date Wed, 10 Jun 2020 20:45:08 GMT cf-cache-status HIT last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare age 1854 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2fefe70742-FRA content-length 25232 cf-request-id 034193d1f3000007421037f200000001
GET H2	200	AkusaIcon67f9.woff pdfmoney.com/.well-known/alasika093/fonts/	17 KB 17 KB	598ms 597ms	Font font/woff	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/.well-known/alasika093/fonts/AkusaIcon67f9.woff?j5gpp4 Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/?U3XLE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3230f11f87ac7aa3afcde93c95793a2e00651d4bbae8b8fc3d12667daf8052fa` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pdfmoney.com/.well-known/alasika093/css/akusafonts74d1.css?20181128 Origin https://pdfmoney.com Response headers date Wed, 10 Jun 2020 20:45:09 GMT cf-cache-status MISS last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5a15ef2fefe80742-FRA content-length 17108 cf-request-id 034193d1f40000074210380200000001
GET H2	404	agf.gif Show response pdfmoney.com/	18 KB 4 KB	637ms 637ms	XHR text/html	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pdfmoney.com/agf.gif?t=pv&pv=%2F.well-known%2Falasika093%2F&tt=Alaska+USA+services+for+you&qr=U3XLE&vt=new&sc=direct&md=(none)&dp=24&sh=1200&sw=1600&bn=Chrome&bv=83&pn=Linux&pr=x86_64&bl=en-us&js=1.7&hn=pdfmoney.com&vi=87647047&vs=876470471591821909&_=294460&v=040 Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jsSuite-1.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `696e37431879c212b8dc9229a0dd80ddbff3b66b58c646fdc4ee2f7d11b68197` Request headers Referer https://pdfmoney.com/.well-known/alasika093/?U3XLE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:09 GMT content-encoding br cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control private, max-age=14400 cf-ray 5a15ef310b650742-FRA cf-request-id 034193d2a8000007421038a200000001
GET H2	200	ajax-loader.html pdfmoney.com/.well-known/alasika093/css/	32 KB 32 KB	539ms 538ms	Image text/html	2606:4700:3031::681f:5cbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pdfmoney.com/.well-known/alasika093/css/ajax-loader.html Requested by Host: pdfmoney.com URL: https://pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery-1.11.3.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5cbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://pdfmoney.com/.well-known/alasika093/css/slick.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 20:45:09 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 15 Nov 2019 16:14:40 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html status 200 cf-ray 5a15ef311b9a0742-FRA cf-request-id 034193d2b1000007421038c200000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pdfmoney.com/	1969-12-31 23:59:59	Name: agft Value: 0c0434e68dcb77aaea3eaf9536f67c2a.87647047
pdfmoney.com/	1970-01-19 14:29:33	Name: agfs Value: 0c0434e68dcb77aaea3eaf9536f67c2a.87647047&1591821909&1591821909&direct&(none)&&&&&
.pdfmoney.com/	1970-01-19 10:53:33	Name: __cfduid Value: d4a905227222b18a07462282027514aec1591821907

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pdfmoney.com
2606:4700:3031::681f:5cbb
083575b88f2fce93be0b45e4d9c8f928ccea5bd669abfb88e959fe5df8b9f6e2
0c0db8b02b367b0a0a825d7b53e089d070675e46f495e248b501a7688774e7c5
0f8a809653dccad6b1246b84439448d9b4be08ebdabf504b6b7d2dcc43b1fe6d
112768a21be11d1b92cbdd81296364346fd65ee195c5b53ef75111b793b2131e
1479b9729af793ebffa6c5076a19eec691a2047ad212fd461b7fbe29c8831793
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
1d27b37574d2d3dcad6a7dd41079ebe2fbe5faf71c63c5805fea3b7cd72ad754
23f614c53e35afae28a843e1ff6bde539f5c74b5725c62b3f6e2c8f439e4bc3c
27e4a6a16d9236696abb5a8f479dd8f86f9a92e8db6b2c759d0f1123be388877
2adbd54978e8c18e98f509b9c99d935c676faaa994f89aa3de66770a0f890206
3230f11f87ac7aa3afcde93c95793a2e00651d4bbae8b8fc3d12667daf8052fa
3bd1af540376e5bcb655608774e16f5d84baa5a339a9ac2799a1bbaad058a36c
42a60c275762c54d2609fc3f4c3e92b890438a13544acedb78acc1429a6f75e8
4446f75d0c8f1c2ddf279a1906fe2f180bd1ec6947c3429d112473c99989c71d
45334c39a6ca18a5fde4f0b28fc2c917f0fe3689dd0973edb6a395a1087d3f12
505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf
52971357358c85dd78615a755652e08630d5963aaa68ded0873f1efb9df4ee25
5bf9db11eaad113f8b70430b03bc111ebd7d13e87a150899afcb72e7885b7151
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
696e37431879c212b8dc9229a0dd80ddbff3b66b58c646fdc4ee2f7d11b68197
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
70e0c0741152cb9d4ac39ca288aae9fa555a215e752681ddba397861cf4e9f57
718e0970b2242e2b2ba6a58d0a1a3f0abb41b32e08fbd2e6c9c3029759ee2abe
840b945fdae9b827d3eeec3047c593b98fdcd6d4b08845fb25ba4c00ed5e4d60
904cd9838fb672adb5bd6c0d893d3c00920bb50f9774b71790b1017b4e42b2e5
9bbcdf829b5aa64649daf841121e4f202aca979b883869cb9162b19ee16c45d6
a010faad9f252201c7c5096a6e781f7a70add7237814ed08365a09f087270483
b7a47fb3710a0501d0833991bc2875a807f4705699d1ff3368b0b3ade6456a5b
b8d3ba1d2278fadfc8ea7e17c4babe8b3d8c629b2e7e3e33690ee94e182cd79e
bced0264cfd64147a011c2df12645beb5728e815bdcb5ee5b87965c005ede9de
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
d4344cb40e693493948aadabd722ffe55c01398ac6ecf063bb6860cba5654912
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019
e10945e24b5e30c82ec5201677e730eb261c51a06dd808265c1a258a8cd26863
e366fcc3c86290a396c5997317c157dc86ed3a64481972d2381b0a5f97c94668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

pdfmoney.com Open in urlscan Pro 2606:4700:3031::681f:5cbb Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

799 kBTransfer

1188 kBSize

3 Cookies

8 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pdfmoney.com Open in urlscan Pro
2606:4700:3031::681f:5cbb Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

799 kB
Transfer

1188 kB
Size

3
Cookies

38 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!