pdfdocument1-9242.web.app
Open in
urlscan Pro
199.36.158.100
Malicious Activity!
Public Scan
Effective URL: https://pdfdocument1-9242.web.app/
Submission: On December 01 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by GTS CA 1D4 on October 19th 2022. Valid for: 3 months.
This is the only time pdfdocument1-9242.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 199.36.158.100 199.36.158.100 | 54113 (FASTLY) (FASTLY) | |
1 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
2 | 13.32.27.32 13.32.27.32 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 162.19.88.69 162.19.88.69 | 16276 (OVH) (OVH) | |
20 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-32.fra56.r.cloudfront.net
auth.services.adobe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
web.app
pdfdocument1-9242.web.app |
640 KB |
2 |
adobe.com
auth.services.adobe.com — Cisco Umbrella Rank: 4257 |
141 KB |
1 |
postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 20042 |
10 KB |
1 |
cdn-services.com
ns.cdn-services.com |
892 B |
20 | 4 |
Domain | Requested by | |
---|---|---|
16 | pdfdocument1-9242.web.app |
pdfdocument1-9242.web.app
|
2 | auth.services.adobe.com | |
1 | i.postimg.cc | |
1 | ns.cdn-services.com |
pdfdocument1-9242.web.app
|
20 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2022-10-19 - 2023-01-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-15 - 2023-08-15 |
a year | crt.sh |
auth.services.adobe.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-05 - 2023-06-05 |
a year | crt.sh |
postimg.cc R3 |
2022-10-17 - 2023-01-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pdfdocument1-9242.web.app/
Frame ID: 0F329EA6565AD228EF22A527599CE9FA
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Adobe IDPage URL History Show full URLs
-
http://pdfdocument1-9242.web.app/
HTTP 307
https://pdfdocument1-9242.web.app/ Page URL
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pdfdocument1-9242.web.app/
HTTP 307
https://pdfdocument1-9242.web.app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
pdfdocument1-9242.web.app/ Redirect Chain
|
628 B 612 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
pdfdocument1-9242.web.app/config/ |
778 B 560 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.5a40c34c.js
pdfdocument1-9242.web.app/assets/ |
124 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.52370c57.css
pdfdocument1-9242.web.app/assets/ |
450 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inject.ed6fa51f.js
pdfdocument1-9242.web.app/assets/ |
518 KB 131 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_commonjsHelpers.0592d25c.js
pdfdocument1-9242.web.app/assets/ |
435 B 326 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip
ns.cdn-services.com/ |
326 B 892 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MainLayout.59d4e399.js
pdfdocument1-9242.web.app/assets/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
use-router-link.915e416e.js
pdfdocument1-9242.web.app/assets/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
use-dark.be7487b7.js
pdfdocument1-9242.web.app/assets/ |
2 KB 949 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
plugin-vue_export-helper.21dcd24c.js
pdfdocument1-9242.web.app/assets/ |
89 B 432 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IndexPage.e71ad6ed.js
pdfdocument1-9242.web.app/assets/ |
64 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
QBtn.76e445bd.js
pdfdocument1-9242.web.app/assets/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOmCnqEu92Fr1Mu4mxM.f2abf7fb.woff
pdfdocument1-9242.web.app/assets/ |
20 KB 20 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmWUlfBBc-.e0fd57c0.woff
pdfdocument1-9242.web.app/assets/ |
20 KB 20 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
materialdesignicons-webfont.da7fba3c.woff2
pdfdocument1-9242.web.app/assets/ |
318 KB 312 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmEU9fBBc-.9ce7f3ac.woff
pdfdocument1-9242.web.app/assets/ |
20 KB 20 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fotolia_241479172_XL.jpg
auth.services.adobe.com/img/canvas/ |
138 KB 139 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adobe_logo_white.svg
auth.services.adobe.com/img/generic/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.jpg
i.postimg.cc/RFw93ZNF/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| config function| vueRecaptchaApiLoaded boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.services.adobe.com
i.postimg.cc
ns.cdn-services.com
pdfdocument1-9242.web.app
13.32.27.32
162.19.88.69
199.36.158.100
2620:0:890::100
2a06:98c1:3121::3
053256795d10260e773cd3b483e448cc730a0eeb4b28c42d91439a8e65b4053c
0a46469688f40965a02fbc35143ac48c0d364a0dfc81db841a010a4036fa7e6c
0ee67c4b246f40a6734a113574b080e8a2096c8011989be916b6f0385bb109e8
343b22254c6acd7c3379cdf7f5bd8a08b3a954fad60ed29abb85654e80568757
4fb876f2665c212a81cef34e816d182361f96dfae889b3262e9de8d4199b950d
581d63b00676ead5f8e63915d0e4772b7d99e3bb2aa4a614fc8692eab8479e17
738250389dbf4216fcf6725ed62a0138a674fb48f616b24ea52030c32d7ebca3
8c1ad0a8a6ad277bc3f538059700b6203db444104b00c122f550423673f0728d
8c7ec369b28fac3aec396efa81e48671c522b55a43c16aba0ae4add527c60bde
9ce7f3ac47b91743893a2d29fe511a7ebec7aef52b2ea985fa127448d1f227c1
ab64ae2a15cab09d2ee9298d215922296af6200d5f6150acaaa7a619e93833e0
ac044f01311effaf8520e1c44d4d788491a5ef06f8d923ea7e44aaf476f935e2
b7f40438c733a20a88ff0635f88e07322574bd63b1838c54a8af944bfd011599
d91c29bcf81c848135875cec80202a9a5c36fbe48e35483a143ce6a177275adc
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
e0fd57c0d9537d9c9884b6a8ad8c1823800d94dcfb6a2cc988780fe65a592fe6
e3230480e948a98e813ac7c59cac14ffbcea960a375a4e73e713c4e0141223b5
ebfa3de43f04d095aa1599c80c8077308e2501a75656d38fc4d71c64747c4f58
f2abf7fbabe298e5823d257e48f5dc2138c6d5e0c210066f76b0067e8eda194f
f745fd9c634d83af027554d648eba9900a8bdf5b67a039bf819aa4c165ca04cc