adobe-connect.gq Open in urlscan Pro
2606:4700:3035::6818:640e  Malicious Activity! Public Scan

Submitted URL: https://u16501255.ct.sendgrid.net/ls/click?upn=ZuFAIcgtjUZjVE-2BOHnSJDftXNBmjk4NUcCax2FIupsms-2BQuJyLM4RS0hPKxjDV-2B4G1HqJfE57gCBE...
Effective URL: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZD...
Submission: On May 26 via manual from HK

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3035::6818:640e, located in United States and belongs to CLOUDFLARENET, US. The main domain is adobe-connect.gq.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 13th 2020. Valid for: 5 months.
This is the only time adobe-connect.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fake Adobe Update

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
5 169.47.124.25 36351 (SOFTLAYER)
3 9 2606:4700:303... 13335 (CLOUDFLAR...)
11 2
Apex Domain
Subdomains
Transfer
9 adobe-connect.gq
adobe-connect.gq
433 KB
5 appdomain.cloud
pdf.us-south.cf.appdomain.cloud
4 KB
1 sendgrid.net
u16501255.ct.sendgrid.net
282 B
11 3
Domain Requested by
9 adobe-connect.gq 3 redirects adobe-connect.gq
5 pdf.us-south.cf.appdomain.cloud
1 u16501255.ct.sendgrid.net 1 redirects
11 3

This site contains no links.

Subject Issuer Validity Valid
*.us-south.cf.appdomain.cloud
DigiCert SHA2 Secure Server CA
2019-09-24 -
2020-09-28
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-05-13 -
2020-10-09
5 months crt.sh

This page contains 1 frames:

Primary Page: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Frame ID: D67507F47F93B8D9C8DA910CE5608F24
Requests: 11 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://u16501255.ct.sendgrid.net/ls/click?upn=ZuFAIcgtjUZjVE-2BOHnSJDftXNBmjk4NUcCax2FIupsms-2BQuJyLM4RS0hPKx... HTTP 302
    https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  2. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  3. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  4. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  5. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  6. https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/index.php?login=puros.khan1@huawei.com HTTP 302
    https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f?session=MWI... HTTP 301
    http://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MW... HTTP 301
    https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MW... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

435 kB
Transfer

492 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u16501255.ct.sendgrid.net/ls/click?upn=ZuFAIcgtjUZjVE-2BOHnSJDftXNBmjk4NUcCax2FIupsms-2BQuJyLM4RS0hPKxjDV-2B4G1HqJfE57gCBESnZ9iOWhWwv31SPfGZ5shS211EHjI7wwSDIoaYFJ0Stv2OY2wftVZbF_i5fpniJWPa6h8Lfs7W3aplxdK-2Bd03A1LDAe5Kv-2BbiO5hulQewgSjaCe1vdNLL42OlUdBzop9aLRfy1188sFslCWiGRW4BwIqylk4XR-2FiFdwsFiYD7lQYJO-2BbBi6IBzyenNcbFCvA-2F9cUEtYgJp-2FofNX-2FWcvEIVza-2Ben3GicvvzhvPdNQytYBU3rmjPwwHyImDfbHJXP93e8oVCYqmS-2F55e6k0XlIoar6FVdYKuOr41k-3D HTTP 302
    https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  2. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  3. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  4. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  5. https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com Page URL
  6. https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/index.php?login=puros.khan1@huawei.com HTTP 302
    https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com HTTP 301
    http://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com HTTP 301
    https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u16501255.ct.sendgrid.net/ls/click?upn=ZuFAIcgtjUZjVE-2BOHnSJDftXNBmjk4NUcCax2FIupsms-2BQuJyLM4RS0hPKxjDV-2B4G1HqJfE57gCBESnZ9iOWhWwv31SPfGZ5shS211EHjI7wwSDIoaYFJ0Stv2OY2wftVZbF_i5fpniJWPa6h8Lfs7W3aplxdK-2Bd03A1LDAe5Kv-2BbiO5hulQewgSjaCe1vdNLL42OlUdBzop9aLRfy1188sFslCWiGRW4BwIqylk4XR-2FiFdwsFiYD7lQYJO-2BbBi6IBzyenNcbFCvA-2F9cUEtYgJp-2FofNX-2FWcvEIVza-2Ben3GicvvzhvPdNQytYBU3rmjPwwHyImDfbHJXP93e8oVCYqmS-2F55e6k0XlIoar6FVdYKuOr41k-3D HTTP 302
  • https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
pdf.us-south.cf.appdomain.cloud/
Redirect Chain
  • https://u16501255.ct.sendgrid.net/ls/click?upn=ZuFAIcgtjUZjVE-2BOHnSJDftXNBmjk4NUcCax2FIupsms-2BQuJyLM4RS0hPKxjDV-2B4G1HqJfE57gCBESnZ9iOWhWwv31SPfGZ5shS211EHjI7wwSDIoaYFJ0Stv2OY2wftVZbF_i5fpniJWPa6...
  • https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
662 B
738 B
Document
General
Full URL
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.47.124.25 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.7c.2fa9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
35de3269a65ec86df11e6cd3fce726d7472f67df3c2b3cfb3bd32020aa117cd8

Request headers

Host
pdf.us-south.cf.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Backside-Transport
OK OK
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 May 2020 11:56:27 GMT
Server
Apache
Vary
Accept-Encoding
X-Global-Transaction-ID
075554b25ecd03eb303ff02d

Redirect headers

Server
nginx
Date
Tue, 26 May 2020 11:56:26 GMT
Content-Type
text/html; charset=utf-8
Content-Length
101
Connection
keep-alive
Location
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
X-Robots-Tag
noindex, nofollow
index.php
pdf.us-south.cf.appdomain.cloud/
662 B
738 B
Document
General
Full URL
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.47.124.25 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.7c.2fa9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
35de3269a65ec86df11e6cd3fce726d7472f67df3c2b3cfb3bd32020aa117cd8

Request headers

Host
pdf.us-south.cf.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com

Response headers

X-Backside-Transport
OK OK
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 May 2020 11:56:27 GMT
Server
Apache
Vary
Accept-Encoding
X-Global-Transaction-ID
075554b25ecd03eb67ef4fb9
index.php
pdf.us-south.cf.appdomain.cloud/
662 B
738 B
Document
General
Full URL
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.47.124.25 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.7c.2fa9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
35de3269a65ec86df11e6cd3fce726d7472f67df3c2b3cfb3bd32020aa117cd8

Request headers

Host
pdf.us-south.cf.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com

Response headers

X-Backside-Transport
OK OK
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 May 2020 11:56:28 GMT
Server
Apache
Vary
Accept-Encoding
X-Global-Transaction-ID
075554b25ecd03ec303ff3fd
index.php
pdf.us-south.cf.appdomain.cloud/
662 B
738 B
Document
General
Full URL
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.47.124.25 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.7c.2fa9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash

Request headers

Host
pdf.us-south.cf.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com

Response headers

X-Backside-Transport
OK OK
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 May 2020 11:56:28 GMT
Server
Apache
Vary
Accept-Encoding
X-Global-Transaction-ID
075554b25ecd03ec3b116fd7
index.php
pdf.us-south.cf.appdomain.cloud/
716 B
772 B
Document
General
Full URL
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.47.124.25 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.7c.2fa9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash

Request headers

Host
pdf.us-south.cf.appdomain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com

Response headers

X-Backside-Transport
OK OK
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 May 2020 11:56:28 GMT
Server
Apache
Vary
Accept-Encoding
X-Global-Transaction-ID
075554b25ecd03eca8df616f
Primary Request /
adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/
Redirect Chain
  • https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/index.php?login=puros.khan1@huawei.com
  • https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login...
  • http://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login...
  • https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&logi...
5 KB
1 KB
Document
General
Full URL
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:640e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.5
Resource Hash
2c2d49b179988141e44702d0d27ff2e9a5c1fcda2d1b7923bcbfbade435a10c4

Request headers

:method
GET
:authority
adobe-connect.gq
:scheme
https
:path
/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=df42703eaaa04368719fe55925908c9471590494188
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pdf.us-south.cf.appdomain.cloud/index.php?login=puros.khan1@huawei.com

Response headers

status
200
date
Tue, 26 May 2020 11:56:29 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.5
cf-cache-status
DYNAMIC
cf-request-id
02f270700600001f1da4bf9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5997502cdeba1f1d-FRA
content-encoding
br

Redirect headers

Date
Tue, 26 May 2020 11:56:29 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Tue, 26 May 2020 12:56:29 GMT
Location
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
cf-request-id
02f2706ff60000dfdb3c2c8200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5997502cb801dfdb-FRA
jquery.min.js
adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/
84 KB
29 KB
Script
General
Full URL
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/jquery.min.js
Requested by
Host: adobe-connect.gq
URL: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:640e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

Referer
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 11:56:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 May 2020 11:56:29 GMT
server
cloudflare
etag
W/"14e4e-5a68bc92aab9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5997502e0a741f1d-FRA
cf-request-id
02f27070c800001f1da4804200000001
e3.png
adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/
119 KB
120 KB
Image
General
Full URL
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/e3.png
Requested by
Host: adobe-connect.gq
URL: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:640e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f91938a6534d66ad9ca93f74025f77bca314a08157b455354d280be1193efc7e

Request headers

Referer
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 11:56:30 GMT
cf-cache-status
MISS
last-modified
Tue, 26 May 2020 11:56:29 GMT
server
cloudflare
etag
"1dd69-5a68bc927cf65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5997502e0a781f1d-FRA
content-length
122217
cf-request-id
02f27070c900001f1da4805200000001
e7.png
adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/
121 KB
121 KB
Image
General
Full URL
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/e7.png
Requested by
Host: adobe-connect.gq
URL: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:640e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80286d8a3c0538162f62c6646c961f6556df8a19a5b5091c074d4056fc3faa3

Request headers

Referer
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 11:56:30 GMT
cf-cache-status
MISS
last-modified
Tue, 26 May 2020 11:56:29 GMT
server
cloudflare
etag
"1e241-5a68bc9280c48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59975030b9341f1d-FRA
content-length
123457
cf-request-id
02f270727200001f1da4818200000001
e8.png
adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/
159 KB
159 KB
Image
General
Full URL
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/e8.png
Requested by
Host: adobe-connect.gq
URL: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:640e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd6099bbaa0e3e2c9721345f4c06bd60142cc72bd5a4d190d35dde57918ecb8

Request headers

Referer
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 11:56:30 GMT
cf-cache-status
MISS
last-modified
Tue, 26 May 2020 11:56:29 GMT
server
cloudflare
etag
"27c28-5a68bc9280c48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59975030c9521f1d-FRA
content-length
162856
cf-request-id
02f270727b00001f1da4819200000001
file.png
adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/
1 KB
1 KB
Image
General
Full URL
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/images/file.png
Requested by
Host: adobe-connect.gq
URL: https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:640e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2f86db7ac8ec202cc583c17a465e8ed33d7325e50a1d8b201bdbbfe60eaa6f

Request headers

Referer
https://adobe-connect.gq/adobedocument/en/pdf/cloud/0/ad=300308dff2f464ff22433eb64d8eb61f/?session=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&ref=MWIzMWQ1MDk2ZGM2ZDM0ZDhkMzA4YTc1YTFlMzQ4OTM=&login=puros.khan1@huawei.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 11:56:30 GMT
cf-cache-status
MISS
last-modified
Tue, 26 May 2020 11:56:29 GMT
server
cloudflare
etag
"58d-5a68bc9284936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59975030c9551f1d-FRA
content-length
1421
cf-request-id
02f270727b00001f1da481a200000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fake Adobe Update

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| email object| password object| loginBtn object| load number| count

1 Cookies

Domain/Path Name / Value
.adobe-connect.gq/ Name: __cfduid
Value: df42703eaaa04368719fe55925908c9471590494188