pdfmoney.com
Open in
urlscan Pro
2606:4700:3031::681f:5dbb
Malicious Activity!
Public Scan
URL:
https://pdfmoney.com/.well-known/alasika093/
Submission: On June 11 via automatic, source openphish
Submission: On June 11 via automatic, source openphish
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 38 HTTP transactions.
The main IP is 2606:4700:3031::681f:5dbb, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is pdfmoney.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2020. Valid for: a year.
This is the only time pdfmoney.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2020. Valid for: a year.
This is the only time pdfmoney.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alaska USA Federal Credit Union (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 39 | 2606:4700:303... 2606:4700:3031::681f:5dbb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 38 | 1 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
pdfmoney.com
1 redirects
pdfmoney.com |
783 KB |
| 38 | 1 |
| Domain | Requested by | |
|---|---|---|
| 39 | pdfmoney.com |
1 redirects
pdfmoney.com
|
| 38 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| login.alaskausa.org |
| www.alaskausa.org |
| go.alaskausa.org |
| www.youtube.com |
| www.facebook.com |
| www.linkedin.com |
| twitter.com |
| www.instagram.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-05-31 - 2021-05-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://pdfmoney.com/.well-known/alasika093/
Frame ID: 2CF8F99895BCEC844F038CC3140B40BB
Requests: 38 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://pdfmoney.com/.well-known/alasika093
HTTP 301
https://pdfmoney.com/.well-known/alasika093/ Page URL
Detected technologies
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
URL: https://login.alaskausa.org/efs/ultrabranch/ForgotPAC
Title: Forgot Login
Title: Forgot Login
Search URL Search Domain Scan URL
URL: https://www.alaskausa.org/enroll
Title: Enroll
Title: Enroll
Search URL Search Domain Scan URL
URL: https://go.alaskausa.org/learn
Title: Build Your Financial Know-How Articles, videos, and tips to help you plan for your financial future
Title: Build Your Financial Know-How Articles, videos, and tips to help you plan for your financial future
Search URL Search Domain Scan URL
URL: https://www.youtube.com/AlaskaUSAFCU
Title: Alaska USA on YouTube
Title: Alaska USA on YouTube
Search URL Search Domain Scan URL
URL: https://www.facebook.com/AlaskaUSAFCU
Title: Facebook iconFacebook
Title: Facebook iconFacebook
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/alaska-usa-federal-credit-union
Title: LinkedIn iconLinkedIn
Title: LinkedIn iconLinkedIn
Search URL Search Domain Scan URL
URL: https://twitter.com/alaskausa
Title: Twitter iconTwitter
Title: Twitter iconTwitter
Search URL Search Domain Scan URL
URL: https://www.instagram.com/alaskausafcu/
Title: InstagramInstagram
Title: InstagramInstagram
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://pdfmoney.com/.well-known/alasika093
HTTP 301
https://pdfmoney.com/.well-known/alasika093/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
pdfmoney.com/.well-known/alasika093/ Redirect Chain
|
143 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusafonts74d1.css
pdfmoney.com/.well-known/alasika093/css/ |
4 KB 992 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusa-base.css
pdfmoney.com/.well-known/alasika093/css/ |
31 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusa-phone.css
pdfmoney.com/.well-known/alasika093/css/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusa-desktop.css
pdfmoney.com/.well-known/alasika093/css/ |
20 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusa-print.css
pdfmoney.com/.well-known/alasika093/css/ |
427 B 297 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slick.css
pdfmoney.com/.well-known/alasika093/css/ |
3 KB 960 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusa-home.css
pdfmoney.com/.well-known/alasika093/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.11.3.min.js
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/ |
94 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jsSuite-1.9.5.js
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/ |
60 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.accAccordion.js
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.leanModal.AKUSA.2.1.js
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slick.181.js
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/js/jquery/slick/ |
90 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akusafcu_logo.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Q3-Background-Photos-Blue.jpg
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Q3-Floating-Banner-Blue.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Q3-Background-Photos-Green.jpg
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Q3-Floating-Banner-green.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Q3-Background-Photos-Yellow.jpg
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Q3-Floating-Banner-yellow.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
billpay.jpg
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
billpay_float.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/primary/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Great_Rates.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
24_7.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Safeguard.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
House.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Credit_Card.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ClickSWITCH.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
learn.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/current/promo/data/images/secondary/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ncua.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EHL.png
pdfmoney.com/.well-known/alasika093/www.alaskausa.org/images/nav/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header_bg.png
pdfmoney.com/.well-known/alasika093/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
navSprites.png
pdfmoney.com/.well-known/alasika093/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homeSprites.png
pdfmoney.com/.well-known/alasika093/images/ |
186 KB 186 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PTN57F-webfont.woff
pdfmoney.com/.well-known/alasika093/fonts/ |
25 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AkusaIcon67f9.woff
pdfmoney.com/.well-known/alasika093/fonts/ |
17 KB 17 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agf.gif
pdfmoney.com/ |
18 KB 4 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajax-loader.html
pdfmoney.com/.well-known/alasika093/css/ |
16 KB 16 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
&dp=24&sh=1200&sw=1600&bn=Chrome&bv=83&pn=Linux&pr=x86_64&bl=en-us&js=1.7&hn=pdfmoney.com&vi=70193433&vs=701934331591879056&_=832063&v=040){kind=link}
&dp=24&sh=1200&sw=1600&bn=Chrome&bv=83&pn=Linux&pr=x86_64&bl=en-us&js=1.7&hn=pdfmoney.com&vi=70193433&vs=701934331591879056&_=832063&v=040){kind=link}
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alaska USA Federal Credit Union (Banking)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| ub function| $ function| jQuery boolean| o object| p boolean| v string| M object| agf number| leanModal_pageUsageCount function| lmMini function| loadToggle function| toggleContent function| toggleList string| resizePreviousView function| handleResize function| toggleSideMenu function| slideMenuIntoView function| addDisclosureToExternalLinks function| FlagUB function| AddTracker function| acMini string| resizePreviousView_default function| handleResize_default object| jQuery1113025119386954710854 function| onHide function| onBeforeShow function| applyHandlers function| onButtonKeydown function| onMenuKeydown function| onButtonClick3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| pdfmoney.com/ | Name: agft Value: 0c0434e68dcb77aaea3eaf9536f67c2a.70193433 |
|
| pdfmoney.com/ | Name: agfs Value: 0c0434e68dcb77aaea3eaf9536f67c2a.70193433&1591879056&1591879056&direct&(none)&&&&& |
|
| .pdfmoney.com/ | Name: __cfduid Value: d59386887a10b81b4a821f41baa3ebf2a1591879053 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pdfmoney.com
2606:4700:3031::681f:5dbb
083575b88f2fce93be0b45e4d9c8f928ccea5bd669abfb88e959fe5df8b9f6e2
0c0db8b02b367b0a0a825d7b53e089d070675e46f495e248b501a7688774e7c5
0f8a809653dccad6b1246b84439448d9b4be08ebdabf504b6b7d2dcc43b1fe6d
112768a21be11d1b92cbdd81296364346fd65ee195c5b53ef75111b793b2131e
1479b9729af793ebffa6c5076a19eec691a2047ad212fd461b7fbe29c8831793
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
1d27b37574d2d3dcad6a7dd41079ebe2fbe5faf71c63c5805fea3b7cd72ad754
23f614c53e35afae28a843e1ff6bde539f5c74b5725c62b3f6e2c8f439e4bc3c
27e4a6a16d9236696abb5a8f479dd8f86f9a92e8db6b2c759d0f1123be388877
2adbd54978e8c18e98f509b9c99d935c676faaa994f89aa3de66770a0f890206
3230f11f87ac7aa3afcde93c95793a2e00651d4bbae8b8fc3d12667daf8052fa
3bd1af540376e5bcb655608774e16f5d84baa5a339a9ac2799a1bbaad058a36c
42a60c275762c54d2609fc3f4c3e92b890438a13544acedb78acc1429a6f75e8
4446f75d0c8f1c2ddf279a1906fe2f180bd1ec6947c3429d112473c99989c71d
45334c39a6ca18a5fde4f0b28fc2c917f0fe3689dd0973edb6a395a1087d3f12
505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf
52971357358c85dd78615a755652e08630d5963aaa68ded0873f1efb9df4ee25
5bf9db11eaad113f8b70430b03bc111ebd7d13e87a150899afcb72e7885b7151
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
70e0c0741152cb9d4ac39ca288aae9fa555a215e752681ddba397861cf4e9f57
718e0970b2242e2b2ba6a58d0a1a3f0abb41b32e08fbd2e6c9c3029759ee2abe
840b945fdae9b827d3eeec3047c593b98fdcd6d4b08845fb25ba4c00ed5e4d60
904cd9838fb672adb5bd6c0d893d3c00920bb50f9774b71790b1017b4e42b2e5
9bbcdf829b5aa64649daf841121e4f202aca979b883869cb9162b19ee16c45d6
a010faad9f252201c7c5096a6e781f7a70add7237814ed08365a09f087270483
a328490627eacb6617efbeaaef27f0e6da6f66fa592264a76ec825ad8e100745
b7a47fb3710a0501d0833991bc2875a807f4705699d1ff3368b0b3ade6456a5b
b8d3ba1d2278fadfc8ea7e17c4babe8b3d8c629b2e7e3e33690ee94e182cd79e
bced0264cfd64147a011c2df12645beb5728e815bdcb5ee5b87965c005ede9de
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
d4344cb40e693493948aadabd722ffe55c01398ac6ecf063bb6860cba5654912
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019
e10945e24b5e30c82ec5201677e730eb261c51a06dd808265c1a258a8cd26863
e366fcc3c86290a396c5997317c157dc86ed3a64481972d2381b0a5f97c94668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8