Windows Analysis Report
https://postoffice.adobe.com/po-server/link/redirect?target=eyJhbGciOiJIUzUxMiJ9.eyJ0ZW1wbGF0ZSI6ImNjX2NvbGxhYl9kY3NoYXJpbmdfdmlld19lbWFpbCIsImVtYWlsQWRkcmVzcyI6Ikxza3JpcEBoYWlncm91cC5jb20iLCJyZXF1ZXN0SWQiOiIwYjZhYWRmNS0wZjFhLTQ2YmUtNThkMC01MWJiYjc0MGI1N2UiLCJsaW5rIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmN

Overview

General Information

Sample URL: https://postoffice.adobe.com/po-server/link/redirect?target=eyJhbGciOiJIUzUxMiJ9.eyJ0ZW1wbGF0ZSI6ImNjX2NvbGxhYl9kY3NoYXJpbmdfdmlld19lbWFpbCIsImVtYWlsQWRkcmVzcyI6Ikxza3JpcEBoYWlncm91cC5jb20iLCJyZXF1ZXN
Analysis ID: 1546699

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Drops files with a non-matching file extension (content does not match file extension)
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic

Classification

Source: chromecache_587.1.dr Binary or memory string: -----BEGIN PUBLIC KEY----- memstr_ae50207d-4
Source: https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:50034 version: TLS 1.2
Source: Network traffic Suricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 20.12.23.50:443 -> 192.168.2.16:49769
Source: Network traffic Suricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 20.12.23.50:443 -> 192.168.2.16:50034
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=EgY9vGRlLKyDDLm&MD=nfZtzGw3 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=0;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=1;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=0;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=1;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/4507022599913472/envelope/?sentry_key=a70bff58cd4048f9e05163230edfd1bd&sentry_version=7 HTTP/1.1Host: o4505393339695104.ingest.us.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=0;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://acrobat.adobe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "dXJuOmFhaWQ6c2M6VkE2QzI6MjhjM2Y1Y2EtNGVkMy00YTUxLWFmYjAtYWYyMTkzNDk3ZTU5LzEyMDAvanBlZy8wLzA="
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=0;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "dXJuOmFhaWQ6c2M6VkE2QzI6MjhjM2Y1Y2EtNGVkMy00YTUxLWFmYjAtYWYyMTkzNDk3ZTU5LzEyMDAvanBlZy8wLzA="
Source: global traffic HTTP traffic detected: GET /rendition/id/urn:aaid:sc:VA6C2:28c3f5ca-4ed3-4a51-afb0-af2193497e59;page=2;size=1200;type=image%2Fjpeg?access_token=1730507971_urn%3Aaaid%3Asc%3AVA6C2%3A28c3f5ca-4ed3-4a51-afb0-af2193497e59%3Bpublic_383ea3def3b3eb5568608beed4754fb9decbd811&api_key=dc_sendtrack HTTP/1.1Host: cdn-sharing.adobecc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /utilnav/9.2/utilitynav.css HTTP/1.1Host: prod.adobeccstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /utilnav/9.2/utilitynav.js HTTP/1.1Host: prod.adobeccstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/discovery HTTP/1.1Host: pgc.adobe.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonsec-ch-ua-mobile: ?0Authorization: undefinedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-API-Key: dc-prod-virgowebsec-ch-ua-platform: "Windows"Accept: */*Origin: https://acrobat.adobe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /utilnav/9.2/utilitynav.js HTTP/1.1Host: prod.adobeccstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=EgY9vGRlLKyDDLm&MD=nfZtzGw3 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /6gNXXegDB6rtHARrNKRF8w.js HTTP/1.1Host: widget.uservoice.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /users/ai/limits HTTP/1.1Host: dc-genai-access-provisioning-api.adobe.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic DNS traffic detected: DNS query: adobe.tt.omtrdc.net
Source: global traffic DNS traffic detected: DNS query: api.echosign.com
Source: global traffic DNS traffic detected: DNS query: dc-api.adobecontent.io
Source: global traffic DNS traffic detected: DNS query: widget.uservoice.com
Source: global traffic DNS traffic detected: DNS query: use.typekit.net
Source: global traffic DNS traffic detected: DNS query: static.adobelogin.com
Source: global traffic DNS traffic detected: DNS query: prod.adobeccstatic.com
Source: global traffic DNS traffic detected: DNS query: p.typekit.net
Source: global traffic DNS traffic detected: DNS query: l.betrad.com
Source: global traffic DNS traffic detected: DNS query: ims-na1.adobelogin.com
Source: global traffic DNS traffic detected: DNS query: files-download2.acrocomcontent.com
Source: global traffic DNS traffic detected: DNS query: dc-api-v2.adobecontent.io
Source: global traffic DNS traffic detected: DNS query: c.evidon.com
Source: global traffic DNS traffic detected: DNS query: by2.uservoice.com
Source: global traffic DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic DNS traffic detected: DNS query: cdn-sharing.adobecc.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: o4505393339695104.ingest.us.sentry.io
Source: global traffic DNS traffic detected: DNS query: detect.adobedccdn.com
Source: global traffic DNS traffic detected: DNS query: _19292._https.detect.adobedccdn.com
Source: global traffic DNS traffic detected: DNS query: _39691._https.detect.adobedccdn.com
Source: global traffic DNS traffic detected: DNS query: _49100._https.detect.adobedccdn.com
Source: unknown HTTP traffic detected: POST /api/4507022599913472/envelope/?sentry_key=a70bff58cd4048f9e05163230edfd1bd&sentry_version=7 HTTP/1.1Host: o4505393339695104.ingest.us.sentry.ioConnection: keep-aliveContent-Length: 578sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://acrobat.adobe.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://acrobat.adobe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 64access-control-allow-headers: authorization,x-api-key,x-request-id,if-match,accept,cache-control,uncommitted-revision,rendition-live,if-none-match,x-access-token,Uber-Trace-Id,priority,Content-Dispositionaccess-control-allow-methods: OPTIONS,GETaccess-control-allow-origin: *access-control-expose-headers: asset-id,connection,content-length,content-type,etag,link,location,repository-id,x-breadcrumb-trail,x-request-id,version,video-rendition-available,retry-after,vary,content-location,video-rendition-duration,Total-Count,Content-Dispositionbuild: adea17a6content-type: application/problem+jsonserver: adobex-breadcrumb-trail: INV_F4X1MPBUKG-RENS_G4RE4strict-transport-security: max-age=86400; includeSubDomainstiming-allow-origin: https://stage.acrobat.adobe.com, https://acrobat.adobe.comx-request-id: 6d2bffdc-ac6f-43bc-bf38-7231eb400490Accept-Ranges: bytesDate: Fri, 01 Nov 2024 12:48:12 GMTVia: 1.1 varnishX-Served-By: cache-dfw-kdal2120134-DFWX-Cache: MISSX-Cache-Hits: 0X-Timer: S1730465292.541924,VS0,VE1044Vary: origin,priority,Accept,rendition-live
Source: global traffic HTTP traffic detected: HTTP/1.1 403 Forbiddenx-request-id: 4b5686d5-2906-4505-b56d-3310c3958139content-type: application/jsoncontent-length: 92date: Fri, 01 Nov 2024 12:48:50 GMTserver: adobeconnection: close
Source: chromecache_505.1.dr, chromecache_431.1.dr String found in binary or memory: http://feross.org
Source: chromecache_453.1.dr, chromecache_576.1.dr String found in binary or memory: http://github.com/janl/mustache.js
Source: chromecache_587.1.dr, chromecache_492.1.dr String found in binary or memory: http://iso.org/pdf/ssn
Source: chromecache_587.1.dr, chromecache_492.1.dr String found in binary or memory: http://iso.org/pdf2/ssn
Source: chromecache_500.1.dr, chromecache_496.1.dr String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: http://typekit.com/eulas/0000000000000000000176ff
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017701
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017702
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017703
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017704
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: http://typekit.com/eulas/000000000000000000017706
Source: chromecache_333.1.dr, chromecache_572.1.dr, chromecache_344.1.dr, chromecache_500.1.dr, chromecache_496.1.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_351.1.dr String found in binary or memory: http://www.videolan.org/x264.html
Source: chromecache_642.1.dr, chromecache_606.1.dr String found in binary or memory: https://adobereview.uservoice.com/forums/598411-document-review
Source: chromecache_642.1.dr, chromecache_606.1.dr String found in binary or memory: https://download.adobeprerelease.com/public/resource/1482219688/PreReleaseAgmt%20License-en_US-20160
Source: chromecache_542.1.dr String found in binary or memory: https://ims-na1.adobelogin.com/
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://p.typekit.net/p.gif
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://use.typekit.net/af/40207f/0000000000000000000176ff/27/
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://use.typekit.net/af/4b3e87/000000000000000000017706/27/
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://use.typekit.net/af/74ffb1/000000000000000000017702/27/
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://use.typekit.net/af/a2527e/000000000000000000017704/27/
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://use.typekit.net/af/cb695f/000000000000000000017701/27/
Source: chromecache_611.1.dr, chromecache_335.1.dr String found in binary or memory: https://use.typekit.net/af/eaf09c/000000000000000000017703/27/
Source: classification engine Classification label: clean1.win@17/540@50/16
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1980,i,2551042674039323830,8865722587685304842,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://postoffice.adobe.com/po-server/link/redirect?target=eyJhbGciOiJIUzUxMiJ9.eyJ0ZW1wbGF0ZSI6ImNjX2NvbGxhYl9kY3NoYXJpbmdfdmlld19lbWFpbCIsImVtYWlsQWRkcmVzcyI6Ikxza3JpcEBoYWlncm91cC5jb20iLCJyZXF1ZXN0SWQiOiIwYjZhYWRmNS0wZjFhLTQ2YmUtNThkMC01MWJiYjc0MGI1N2UiLCJsaW5rIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9pZC91cm46YWFpZDpzYzpWQTZDMjoyOGMzZjVjYS00ZWQzLTRhNTEtYWZiMC1hZjIxOTM0OTdlNTkiLCJsYWJlbCI6IjEyIiwibG9jYWxlIjoiZW5fVVMifQ._8FMpgIlJaL8t_oFi82d6XGNnzc2WfW_TfYxKziFaR71h8ZGtJ7PBv8KBam5pa7ud8u9KZnD4KW90UZjwVvtBg"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 348
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: Chrome Cache Entry: 380
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk