packprodts.com
Open in
urlscan Pro
132.148.249.245
Malicious Activity!
Public Scan
Submission: On July 12 via automatic, source openphish
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 10th 2018. Valid for: 2 years.
This is the only time packprodts.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 132.148.249.245 132.148.249.245 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
1 | 104.111.234.198 104.111.234.198 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
4 | 172.227.115.186 172.227.115.186 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 45.40.130.22 45.40.130.22 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
15 | 4 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-132-148-249-245.ip.secureserver.net
packprodts.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-234-198.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-115-186.deploy.static.akamaitechnologies.com
use.typekit.net |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-130-22.ip.secureserver.net
img.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
packprodts.com
packprodts.com |
19 KB |
4 |
typekit.net
use.typekit.net |
96 KB |
1 |
secureserver.net
img.secureserver.net |
586 B |
1 |
wsimg.com
img1.wsimg.com |
5 KB |
15 | 4 |
Domain | Requested by | |
---|---|---|
9 | packprodts.com |
packprodts.com
|
4 | use.typekit.net |
packprodts.com
|
1 | img.secureserver.net | |
1 | img1.wsimg.com |
packprodts.com
|
15 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
adobeid-na1.services.adobe.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
packprodts.com Go Daddy Secure Certificate Authority - G2 |
2018-07-10 - 2020-07-10 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://packprodts.com/ckl/EnterpriseID.htm
Frame ID: 0DB62C3AB18C46891BA34EFAFD25630B
Requests: 15 HTTP requests in this frame
7 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Get an Adobe ID
Search URL Search Domain Scan URL
Title: Sign in with an Enterprise ID
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Google
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
EnterpriseID.htm
packprodts.com/ckl/ |
38 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ecr2zvs.js
packprodts.com/ckl/EnterpriseID_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
head.css
packprodts.com/ckl/EnterpriseID_files/ |
46 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spectrum_head.js
packprodts.com/ckl/EnterpriseID_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spectrum_body.js
packprodts.com/ckl/EnterpriseID_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spectrum_capsindicator.js
packprodts.com/ckl/EnterpriseID_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite.svg
packprodts.com/ckl/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
l
use.typekit.net/af/9128b0/0000000000000000000176ff/27/ |
29 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
l
use.typekit.net/af/1f215f/000000000000000000017701/27/ |
29 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
l
use.typekit.net/af/432f42/000000000000000000017703/27/ |
29 KB 30 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spectrum_body.js
packprodts.com/ckl/EnterpriseID_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spectrum_capsindicator.js
packprodts.com/ckl/EnterpriseID_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ecr2zvs.js
use.typekit.net/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
img.secureserver.net/t/1/tl/ |
43 B 586 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| special_day_char undefined| views object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true object| Typekit0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
img.secureserver.net
img1.wsimg.com
packprodts.com
use.typekit.net
104.111.234.198
132.148.249.245
172.227.115.186
45.40.130.22
4bba00293a52fe2f4ee927cfa76c67a08d56e7c2121589e5db62fa2170836bbc
683d777e2f11e4a19371359c4bf66b2d0c861aa9a561e6c257a4c49804694e35
74c0b480ed7e8b7ddbb1d7c242e7cae54bed6a2f652e6a58e48287737e19c1ff
7f4dbd7080e11667d4c3afec8c5d0b2286a4b8806f50413d73425d32e5d51d30
8b7eb699aedbbf4d04907b45f4348e6b54119a6567b4b9f1be4943ba80c5af19
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
b97b6df8ca413ee1df0b9cc4dcccbf40bd8539ec54ede0bf9efd06cd94175e04
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed