![](/screenshots/d2ce9e99-cc05-4aac-bcd9-dc9aed649f3a.png)
extractorsled.com
45.60.96.12
Malicious Activity!
Public Scan
Submission: On January 15 via manual from GB
Summary
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on October 15th 2019. Valid for: 8 months.
This is the only time extractorsled.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GDrive and other (Online)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 36 (5 redirects) | 45.60.96.12 | 19551 (INCAPSULA - Incapsula Inc) |
| 4 | 107.154.148.12 | 19551 (INCAPSULA - Incapsula Inc) |
| 45 | 3 | |

107.154.148.12: ASN19551 (INCAPSULA - Incapsula Inc, US); PTR: 107.154.148.12.ip.incapdns.net; domain: www.extractorsled.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 40 | extractorsled.com (5 redirects) | extractorsled.com, www.extractorsled.com | 164 KB |
| 0 | msocdn.com (Failed) | prod.msocdn.com (Failed) | |
| 45 | 2 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 36 | extractorsled.com (5 redirects) | extractorsled.com |
| 4 | www.extractorsled.com | extractorsled.com |
| 0 | prod.msocdn.com (Failed) | extractorsled.com |
| 45 | 3 | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| portal.office.com |
| g.microsoftonline.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-10-15 - 2020-06-12 | 8 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://extractorsled.com/wp--admln/sharefile/
Frame ID: 595ABE0AF91D6164E7C338A39927EF6F
Requests: 45 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://extractorsled.com/wp--admln/sharefile (Page URL)
- https://extractorsled.com/wp--admln/sharefile -> HTTP 301 -> https://extractorsled.com/wp--admln/sharefile/ (Page URL)
- https://extractorsled.com/wp--admln/sharefile/ (Page URL)
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Feedback
- Community
- Legal
- Privacy & cookies
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://extractorsled.com/wp--admln/sharefile HTTP 301
- https://extractorsled.com/wp--admln/sharefile/
- https://extractorsled.com/wp--admln/sharefile/css/MasterStyles15MVC.css HTTP 301
- https://www.extractorsled.com/wp--admln/sharefile/css/MasterStyles15MVC.css
- https://extractorsled.com/wp--admln/sharefile/css/shellg2corecss_11377998.css HTTP 301
- https://www.extractorsled.com/wp--admln/sharefile/css/shellg2corecss_11377998.css
- https://extractorsled.com/wp--admln/sharefile/css/shellg2pluscss_baae2042.css HTTP 301
- https://www.extractorsled.com/wp--admln/sharefile/css/shellg2pluscss_baae2042.css
- https://extractorsled.com/wp--admln/sharefile/css/home_bkgd_1.png HTTP 301
- https://www.extractorsled.com/wp--admln/sharefile/css/home_bkgd_1.png
- https://extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.woff HTTP 301
- https://www.extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.woff
- https://extractorsled.com/wp--admln/sharefile/assets/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP 301
- https://www.extractorsled.com/wp--admln/sharefile/assets/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
- https://extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.ttf HTTP 301
- https://www.extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.ttf
- https://extractorsled.com/wp--admln/sharefile/css/shellwofficons_f991c945.woff HTTP 301
- https://www.extractorsled.com/wp--admln/sharefile/css/shellwofficons_f991c945.woff
45 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | sharefile | extractorsled.com/wp--admln/ | 210 B | 534 B | Document | text/html |
| GET | H2 | _Incapsula_Resource | extractorsled.com/ | 154 KB | 22 KB | Script | application/javascript |
| GET | H2 | _Incapsula_Resource | extractorsled.com/ | 29 B | 56 B | XHR | application/javascript |
| GET | H2 | / | extractorsled.com/wp--admln/sharefile/ (Redirect Chain) | 210 B | 510 B | Document | text/html |
| GET | H2 | _Incapsula_Resource | extractorsled.com/ | 1 B | 35 B | Image | text/plain |
| GET | | _Incapsula_Resource | extractorsled.com/ | 0 | 0 | | |
| GET | H2 | _Incapsula_Resource | extractorsled.com/ | 160 KB | 23 KB | Script | application/javascript |
| GET | H2 | _Incapsula_Resource | extractorsled.com/ | 29 B | 56 B | XHR | application/javascript |
| GET | H2 | / (Primary Request) | extractorsled.com/wp--admln/sharefile/ | 43 KB | 9 KB | Document | text/html |
| GET | H2 | _Incapsula_Resource | extractorsled.com/ | 1 B | 27 B | Image | text/plain |
| GET | | _Incapsula_Resource | extractorsled.com/ | 0 | 0 | | |
| GET | H2 | SpryValidationTextField.css | extractorsled.com/wp--admln/sharefile/assets/ | 1 KB | 562 B | Stylesheet | text/css |
| GET | H2 | SpryValidationPassword.css | extractorsled.com/wp--admln/sharefile/assets/ | 905 B | 470 B | Stylesheet | text/css |
| GET | H2 | GeminiHomeV2.css | extractorsled.com/wp--admln/sharefile/css/ | 2 KB | 838 B | Stylesheet | text/css |
| GET | H2 | conciergehelper.css | extractorsled.com/wp--admln/sharefile/css/ | 5 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | AppTile.css | extractorsled.com/wp--admln/sharefile/css/ | 1 KB | 676 B | Stylesheet | text/css |
| GET | H2 | EmbeddedFonts.css | extractorsled.com/wp--admln/sharefile/css/ | 4 KB | 549 B | Stylesheet | text/css |
| GET | H2 | MasterStyles15.css | extractorsled.com/wp--admln/sharefile/css/ | 90 KB | 25 KB | Stylesheet | text/css |
| GET | H2 | MasterStyles15MVC.css | www.extractorsled.com/wp--admln/sharefile/css/ (Redirect Chain) | 0 | 0 | Stylesheet | text/html |
| GET | H2 | shellg2coremincss_ba45585d.css | extractorsled.com/wp--admln/sharefile/css/ | 31 KB | 7 KB | Stylesheet | text/css |
| GET | H2 | shellg2corecss_11377998.css | www.extractorsled.com/wp--admln/sharefile/css/ (Redirect Chain) | 0 | 0 | Stylesheet | text/html |
| GET | H2 | data.css | extractorsled.com/wp--admln/sharefile/css/ | 14 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | shellg2pluscss_baae2042.css | www.extractorsled.com/wp--admln/sharefile/css/ (Redirect Chain) | 0 | 0 | Stylesheet | text/html |
| GET | H2 | docusign.png | extractorsled.com/wp--admln/sharefile/images/ | 5 KB | 5 KB | Image | image/png |
| GET | H2 | apple-touch-icon-72x72.png | extractorsled.com/wp--admln/sharefile/images/ | 1 KB | 1 KB | Image | image/png |
| GET | H2 | jquery.min.js | extractorsled.com/wp--admln/sharefile/assets/ | 93 KB | 33 KB | Script | application/javascript |
| GET | H2 | jquery.ddslick.min.js | extractorsled.com/wp--admln/sharefile/assets/ | 6 KB | 2 KB | Script | application/javascript |
| GET | H2 | SpryValidationTextField.js | extractorsled.com/wp--admln/sharefile/assets/ | 53 KB | 11 KB | Script | application/javascript |
| GET | H2 | SpryValidationPassword.js | extractorsled.com/wp--admln/sharefile/assets/ | 15 KB | 4 KB | Script | application/javascript |
| GET | H2 | social_auth_providers.png | extractorsled.com/wp--admln/sharefile/images/ | 3 KB | 3 KB | Image | image/png |
| GET | H2 | home_bkgd_1.png | www.extractorsled.com/wp--admln/sharefile/css/ (Redirect Chain) | 3 KB | 3 KB | Image | text/html |
| GET | | SegoeUI-Regular-final.woff | prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ | 0 | 0 | | |
| GET | | office365icons.woff | www.extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/ (Redirect Chain) | 0 | 0 | | |
| GET | | SegoeUI-Light-final.woff | prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ | 0 | 0 | | |
| GET | | cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff | www.extractorsled.com/wp--admln/sharefile/assets/ (Redirect Chain) | 0 | 0 | | |
| GET | H2 | o365.png | extractorsled.com/wp--admln/sharefile/images/ | 669 B | 830 B | Image | image/png |
| GET | H2 | mail_gmail.png | extractorsled.com/wp--admln/sharefile/images/ | 644 B | 742 B | Image | image/png |
| GET | H2 | yahoo.png | extractorsled.com/wp--admln/sharefile/images/ | 2 KB | 2 KB | Image | image/png |
| GET | H2 | live_hotmail.png | extractorsled.com/wp--admln/sharefile/images/ | 517 B | 614 B | Image | image/png |
| GET | H2 | aol.png | extractorsled.com/wp--admln/sharefile/images/ | 909 B | 1006 B | Image | image/png |
| GET | H2 | email.png | extractorsled.com/wp--admln/sharefile/images/ | 2 KB | 2 KB | Image | image/png |
| GET | | SegoeUI-Light-final.ttf | prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ | 0 | 0 | | |
| GET | | SegoeUI-Regular-final.ttf | prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ | 0 | 0 | | |
| GET | | office365icons.ttf | www.extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/ (Redirect Chain) | 0 | 0 | | |
| GET | | shellwofficons_f991c945.woff | www.extractorsled.com/wp--admln/sharefile/css/ (Redirect Chain) | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.

| Domain | URL |
|---|---|
| extractorsled.com | https://extractorsled.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A108%2Cr%3A6212) |
| extractorsled.com | https://extractorsled.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A108%2Cr%3A308) |
| prod.msocdn.com | https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Regular-final.woff |
| www.extractorsled.com | https://www.extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.woff |
| prod.msocdn.com | https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Light-final.woff |
| www.extractorsled.com | https://www.extractorsled.com/wp--admln/sharefile/assets/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff |
| prod.msocdn.com | https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Light-final.ttf |
| prod.msocdn.com | https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Regular-final.ttf |
| www.extractorsled.com | https://www.extractorsled.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.ttf |
| www.extractorsled.com | https://www.extractorsled.com/wp--admln/sharefile/css/shellwofficons_f991c945.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GDrive and other (Online)

7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| function | $ |
| function | jQuery |
| object | Spry |
| object | sprypassword1 |
| object | sprytextfield10 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- extractorsled.com
- prod.msocdn.com
- www.extractorsled.com
- 107.154.148.12
- 45.60.96.12