cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Acrobat reaching out to ip addresses flagged as suspicous.

informations75755996
New Here ,
Dec 19, 2017 Dec 19, 2017

Copy link to clipboard

Copied

Recently we were informed about a potential issue with a .pdf that we were hosting. A partners IT dept flagged (using hybrid-analysis.com) an IP that may be malicious.

We ran our own hybrid-analysis test and used wireshark to observe the traffic and noticed similar ip ranges being used.

Can adobe confirm if ip's of or around 54.82.40.215 and 54.174.153.125 (whois'd to amazon web service) are adobe or is this a real threat?

TOPICS
General troubleshooting

Views

290

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Dov Isaacs
Dec 20, 2017 Dec 20, 2017

It is public knowledge that AWS (Amazon Web Services) are used to host some of Adobe's services. Acrobat could be attempting logon with an Adobe ID to the Document Cloud or Creative Cloud, including searching for whether there are available updates for the software.

          - Dov

Votes

Translate

Translate
replies 2 Replies 2
latest latest Jump to latest reply
Test Screen Name
LEGEND ,
Dec 20, 2017 Dec 20, 2017

Copy link to clipboard

Copied

Amazon offer web services to millions of companies, they are one of the largest providers of services. These will include some of the largest companies in the world and some shady customers too... Amazon do not reveal which of their customers is assigned (at any particular moment) an IP.

If all PDFs connect here, maybe it is indeed Adobe. If this is a single PDF, not under your control, maybe it uses a private connection scheme with someone, for example for digital rights management or for some multimedia.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dov Isaacs
Dec 20, 2017 Dec 20, 2017

Copy link to clipboard

Copied

LATEST

It is public knowledge that AWS (Amazon Web Services) are used to host some of Adobe's services. Acrobat could be attempting logon with an Adobe ID to the Document Cloud or Creative Cloud, including searching for whether there are available updates for the software.

          - Dov

- Dov Isaacs, former Adobe Principal Scientist (April 30, 1990 - May 30, 2021)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
About Adobe Acrobat
Adobe Acrobat Learn & Support
Adobe Inc
Whats new in Acrobat DC
Adobe Inc
Plan and Pricing
Adobe Inc
Adobe Acrobat features and tools
Adobe Inc
Adobe Acrobat Feature & Workflow
Edit PDFs
Edit Scanned PDFs
PDF Forms
Sign a PDF
FAQs
How to Edit Scanned or Secured document
Rotate | move | delete and renumber PDF pages
Acrobat download and installation help
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices