packprodts.com Open in urlscan Pro
132.148.249.245 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://packprodts.com/ckl/EnterpriseID.htm
Submission: On July 12 via automatic, source openphish (July 12th 2018, 10:01:11 pm UTC)

Summary HTTP 15 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 132.148.249.245, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is packprodts.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 10th 2018. Valid for: 2 years.

This is the only time packprodts.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	132.148.249.245 132.148.249.245	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	104.111.234.198 104.111.234.198	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	172.227.115.186 172.227.115.186	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	45.40.130.22 45.40.130.22	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
15	4

9 132.148.249.245 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-132-148-249-245.ip.secureserver.net

packprodts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.234.198 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-234-198.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.227.115.186 (Cambridge, United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-115-186.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.40.130.22 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-130-22.ip.secureserver.net

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	packprodts.com packprodts.com	19 KB
4	typekit.net use.typekit.net	96 KB
1	secureserver.net img.secureserver.net	586 B
1	wsimg.com img1.wsimg.com	5 KB
15	4

	Domain	Requested by
9	packprodts.com	packprodts.com
4	use.typekit.net	packprodts.com
1	img.secureserver.net
1	img1.wsimg.com	packprodts.com
15	4

This site contains links to these domains. Also see Links.

Domain
adobeid-na1.services.adobe.com

Subject Issuer	Validity	Valid
packprodts.com Go Daddy Secure Certificate Authority - G2	`2018-07-10` - `2020-07-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://packprodts.com/ckl/EnterpriseID.htm
Frame ID: 0DB62C3AB18C46891BA34EFAFD25630B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

env /^Typekit$/i

Page Statistics

15
Requests

60 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

120 kB
Transfer

203 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/pages/start_forgot_password?client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&idp_flow_type=login_t2&s_account=adbadobenonacdcprod%2Cadbims
Title:

Search URL Search Domain Scan URL

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/pages/create_account?client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&idp_flow_type=login_t2&s_account=adbadobenonacdcprod%2Cadbims
Title: Get an Adobe ID

Search URL Search Domain Scan URL

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/pages/login?idp_flow_type=login_t2&client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&idp_flow_type=login_t2&s_account=adbadobenonacdcprod%2Cadbims
Title: Sign in with an Enterprise ID

Search URL Search Domain Scan URL

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/social/v2/signin/facebook?client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&idp_flow_type=login_t2&s_account=adbadobenonacdcprod%2Cadbims
Title: Facebook

Search URL Search Domain Scan URL

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/social/v2/signin/google?client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&idp_flow_type=login_t2&s_account=adbadobenonacdcprod%2Cadbims
Title: Google

Search URL Search Domain Scan URL

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/pages/start_forgot_password?client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&s_account=adbadobenonacdcprod%2Cadbims&idp_flow_type=login_t2
Title:

Search URL Search Domain Scan URL

URL: https://adobeid-na1.services.adobe.com/renga-idprovider/pages/login?idp_flow_type=login&client_id=adobedotcom2&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2Fadobedotcom2%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26scope%3Dcreative_cloud%252CAdobeID%252Copenid%252Cgnav%252Cread_organizations%252Cadditional_info.projectedProductContext%252Csao.ACOM_CLOUD_STORAGE%252Csao.stock%252Csao.cce_private%252Cadditional_info.roles&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2Fadobedotcom2%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%26response_type%3Dtoken&display=web_v2&locale=en_US&relay=ecbf831c-d08c-4450-a133-173f2360418f&flow=true&flow_type=token&idp_flow_type=login_t2&s_account=adbadobenonacdcprod%2Cadbims
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request EnterpriseID.htm Show response
packprodts.com/ckl/ 38 KB
8 KB 288ms
96ms Document
text/html 132.148.249.245
GoDaddy.com

General

packprodts.com Open in urlscan Pro 132.148.249.245 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

60 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

120 kBTransfer

203 kBSize

0 Cookies

7 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

packprodts.com Open in urlscan Pro
132.148.249.245 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

60 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

120 kB
Transfer

203 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!