sailingview.w3spaces.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 2600:9000:224a:400:b:df74:43c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is sailingview.w3spaces.com.
TLS certificate: Issued by Amazon on August 10th 2021. Valid for: a year.

This is the only time sailingview.w3spaces.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
5	2600:9000:224... 2600:9000:224a:400:b:df74:43c0:93a1		16509 (AMAZON-02) (AMAZON-02)
5	1

5 2600:9000:224a:400:b:df74:43c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sailingview.w3spaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	w3spaces.com sailingview.w3spaces.com	279 KB
5	1

	Domain	Requested by
5	sailingview.w3spaces.com	sailingview.w3spaces.com
5	1

This site contains no links.

Subject Issuer	Validity	Valid
*.w3spaces.com Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sailingview.w3spaces.com/
Frame ID: 30877DE7DE78D48063B35E0E448EE610
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Documents

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

279 kB
Transfer

277 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sailingview.w3spaces.com/	943 B 1 KB	462ms 419ms	Document text/html	2600:9000:224a:400:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sailingview.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:400:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `4ad2b8eafaa6443d6c8fc5968d9dec61e3d595bec7b2a97983caaa1944941b19` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 943 x-amz-id-2 vPXT5K4JA/ZvANiXFByOzHunFChoIPRp2af/Uh70XWlJ1kKbWU3+vjOOsEfYBvr3Xc+tgcK1mME= x-amz-request-id GH59T5AKWM7MHPYM date Thu, 24 Feb 2022 05:48:57 GMT last-modified Tue, 22 Feb 2022 03:17:16 GMT etag "1773c979dec17cc77924c87499f05b30" accept-ranges bytes server AmazonS3 x-cache Miss from cloudfront via 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P1 x-amz-cf-id OGLFHWXDnPvHau3N6C8b4ILejCdfsKJkq-uUWKc14GkuQMQ33vey-A==
GET H2	200	styles.css sailingview.w3spaces.com/	2 KB 2 KB	445ms 445ms	Stylesheet text/css	2600:9000:224a:400:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sailingview.w3spaces.com/styles.css Requested by Host: sailingview.w3spaces.com URL: https://sailingview.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:400:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `fce2b1dbf13d4394758128c2d8641ae69d3b80bcc15df3a29375b6492be3a47f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sailingview.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 05:48:57 GMT via 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront) last-modified Tue, 22 Feb 2022 03:20:47 GMT server AmazonS3 x-amz-request-id GH5BRS7VWXAVD9BS etag "ab85b30b40c2a2f4da7568fc20f1895c" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 1596 x-amz-id-2 M/bou6khv2pFQuMcWAaGcy8c3seC4APeUiMvthaeaOzJ0lcLPEU/QzDgAvHhCnDyN0Xtq2UFbHU= x-amz-cf-id TJiRooihVV-x3Z3GTFiRxjzoEdiB6W-tOxRcqlo1XsWZZ4zoSDI0BQ==
GET H2	200	king.png sailingview.w3spaces.com/	763 B 1 KB	442ms 442ms	Image image/png	2600:9000:224a:400:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sailingview.w3spaces.com/king.png Requested by Host: sailingview.w3spaces.com URL: https://sailingview.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:400:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `a21e82796ce6fafb1c0d9ece004838bfa4ebfe914a66d7a34047b115d06f1c9d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sailingview.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 05:48:57 GMT via 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront) last-modified Mon, 21 Feb 2022 22:37:58 GMT server AmazonS3 x-amz-request-id GH5EZWT210QV9X9F etag "c4e9c225e0816810fee302568609b8e6" x-cache Miss from cloudfront content-type image/png x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 763 x-amz-id-2 pUMRnufeoNMMx74YEUQ+r33Q0zLlgfdyPvEqzUZTuz88keHZvMGeC4MC/oYRvMLQvLszl9PPOuo= x-amz-cf-id 0utx7Cjbw5BQ9aKk4_diJKS6BGOtEXtt1L2RXc6ll7OqWs5WKE-HIA==
GET H2	200	scripts.js Show response sailingview.w3spaces.com/	40 B 467 B	430ms 430ms	Script application/javascript	2600:9000:224a:400:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sailingview.w3spaces.com/scripts.js Requested by Host: sailingview.w3spaces.com URL: https://sailingview.w3spaces.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:400:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `315531e05e0faf33befb1939662f3f0dd1e04174360f67397dea159b70748a02` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sailingview.w3spaces.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 05:48:57 GMT via 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront) last-modified Thu, 17 Feb 2022 18:27:54 GMT server AmazonS3 x-amz-request-id GH5449FTN3F605FP etag "cde52cced31ae9a738e06adee9fd9654" x-cache Miss from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 40 x-amz-id-2 YrNiAM/RmWBweXa+lJCV090+zDdtrBb+7zVTmyGPwJBvpVRId4bJwNCwc42XYzdE9s81hbukBFs= x-amz-cf-id mwhfTLjwJhhj96XzPx7X8wPSY3Vy-k6WgRKqOAt2q0jp34ptnlaaIA==
GET H2	200	login.jpg sailingview.w3spaces.com/	273 KB 274 KB	574ms 573ms	Image image/jpeg	2600:9000:224a:400:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sailingview.w3spaces.com/login.jpg Requested by Host: sailingview.w3spaces.com URL: https://sailingview.w3spaces.com/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:400:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `6bde963a562ffd594492bdff280c01e9e6518856aa3a9f14b96fcad867ce2f0f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://sailingview.w3spaces.com/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 24 Feb 2022 05:48:58 GMT via 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront) last-modified Thu, 17 Feb 2022 18:30:06 GMT server AmazonS3 x-amz-request-id EZ1TBR723AQXWZGY etag "bcc8c3add31d42b2c4b6d13c0db8d3a5" x-cache Miss from cloudfront content-type image/jpeg x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 279841 x-amz-id-2 RjxQE14EY45KParl6wEwsSLqvG+X+WJ4DqeBs12RnCr3DwxGt/XolmTtvwaClr6+TXwhWIe8Iqk= x-amz-cf-id yd69-TEFBGvTyJBJP4YZMcPNZkEdyAokkzOp6lS6ePikLQqXpLwrlQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sailingview.w3spaces.com
2600:9000:224a:400:b:df74:43c0:93a1
315531e05e0faf33befb1939662f3f0dd1e04174360f67397dea159b70748a02
4ad2b8eafaa6443d6c8fc5968d9dec61e3d595bec7b2a97983caaa1944941b19
6bde963a562ffd594492bdff280c01e9e6518856aa3a9f14b96fcad867ce2f0f
a21e82796ce6fafb1c0d9ece004838bfa4ebfe914a66d7a34047b115d06f1c9d
fce2b1dbf13d4394758128c2d8641ae69d3b80bcc15df3a29375b6492be3a47f

sailingview.w3spaces.com Open in urlscan Pro 2600:9000:224a:400:b:df74:43c0:93a1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

279 kBTransfer

277 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

sailingview.w3spaces.com Open in urlscan Pro
2600:9000:224a:400:b:df74:43c0:93a1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

279 kB
Transfer

277 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!