phishing scam

social_media

English

_hjSession_246790

OptanonAlertBoxClosed

ap3c

ap3sessionkey

_hjSessionUser_246790

OptanonConsent

Domain 'app.openlane.com' uses the commercial generic top-level domain (.com) and includes subdomain 'app'. Its registrable label 'openlane' stretches across 8 characters with four vowels and four consonants. Segmentation suggests two words: open, lane. Median word length comes out to 4 characters. No strong language cues emerged from the frequency lists.

username

password

html/36/2a/362ad771-8937-41b9-a70e-3f1db7cc26cb.html.gz

default-src 'self' kareu.okta-emea.com okta.iam.karglobal.com *.oktacdn.com; connect-src 'self' kareu.okta-emea.com kareu-admin.okta-emea.com okta.iam.karglobal.com *.oktacdn.com *.mixpanel.com *.mapbox.com kareu.kerberos.okta-emea.com kareu.mtls.okta-emea.com https://oinmanager.okta.com data: okta.auth.openlane.com *.ingest.sentry.io; script-src 'unsafe-inline' 'self' 'report-sample' kareu.okta-emea.com okta.iam.karglobal.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' kareu.okta-emea.com okta.iam.karglobal.com *.oktacdn.com; frame-src 'self' kareu.okta-emea.com kareu-admin.okta-emea.com okta.iam.karglobal.com login.okta.com; img-src 'self' kareu.okta-emea.com okta.iam.karglobal.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: blob:; font-src 'self' kareu.okta-emea.com okta.iam.karglobal.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'

_hjSafeContext

9a5504da49c53261efb14d3ab0d1d52a9a649436290282f30d987ed701b3b269

470ae8298d377c5dfee13615bf73dcb83b2520858baef6ef49f4396ac1308cf0

c9f22b84ae8881883a887a3e8a8069d5c6963422615ef9bf25cdd2d3a92b7d58

392b58589862f25d611912d1bd585ed502d280e47c567f3c448b0636b754aa35

305d6a7bd4806ab0b5ddf4137b70641f205368207f1cf7236feaadc41a966d02

a7a092dc8562f7a304945fe87393862346afda529ab19419dc428d648fdbb2c4

376c6f44b1af0cbf20753504b59bd25b9ec240dc285c96b5dea88c3bd916fed8

2a1a9169f89223df95015d387fbc01f64446df67e705934fa8c16ab375714d9d

bb9c268acd0b1ec9c02febd5e27dd28f52dd1886d3da11ca20a04060dada1af4

1a09080be4d3d0d47e46937da8fc69356517890c430a160741f558d7cfdcbaaf

ab3b499d95fdf198b15d2624ac09682c8d00efac2a938f92776be045431aa75a

aaa0ba71106457aefdd27d4a6de9c82d5abe3d32714ca86130592129b950cbc2

499a5623aa6bc8be35d26a195ff85480baf76f1304ae142d49ec7a42d899aee2

f921675902e035e7eaa4c3efc41020a290796eb4fb0e4d3eb7712dea57b8bb63

7862ee2308ae818e3ef0c16475f23a7cd5873093a5f6f9ad4a3e2c875888304d

57ebf068147caf7f780db8babdf1dfa57db24e996daa3ff9c1a37e8be226f9ac

b7171dca698ca454704426d1ff6c7514c6e0d6c415931b37da63d4c7b77ed8c6

97002a3f3a8a505f44559570e716f6e11573f36d3c901c6d1aff8db1ba94f3cc

750529d30885d23e5fe165d871b8b0d767ccd83eee0d632b7c4680e78b8bffae

512ace664bbad12960f4a82f3b44810cd041bb1f6db9f42b56653ba44937deb2

c47bb84af40559f27a847a6e5ad09b5c4cb040ff0d4da08f1021b1d81fd7a8df

A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as [CVE-2025-55184](https://www.cve.org/CVERecord?id=CVE-2025-55184).

A malicious HTTP request can be crafted and sent to any App Router endpoint that, when deserialized, can cause the server process to hang and consume CPU. This can result in denial of service in unpatched environments.

It was found that the fix addressing [CVE-2025-55184](https://github.com/advisories/GHSA-2m3v-v2m8-q956) in React Server Components was incomplete and did not fully prevent denial-of-service attacks in all payload types. This affects React package versions 19.0.2, 19.1.3, and 19.2.2 and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x and 16.x using the App Router. The issue is tracked upstream as [CVE-2025-67779](https://www.cve.org/CVERecord?id=CVE-2025-67779).

A malicious HTTP request can be crafted and sent to any Server Function endpoint that, when deserialized, can enter an infinite loop within the React Server Components runtime. This can cause the server process to hang and consume CPU, resulting in denial of service in unpatched environments.

A vulnerability affects certain React Server Components packages for versions 19.0.x, 19.1.x, and 19.2.x and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x, and 16.x using the App Router. The issue is tracked upstream as [CVE-2026-23864](https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg).

A specially crafted HTTP request can be sent to any App Router Server Function endpoint that, when deserialized, may trigger excessive CPU usage, out-of-memory exceptions, or server crashes. This can result in denial of service in unpatched environments.

A DoS vulnerability exists in self-hosted Next.js applications that have `remotePatterns` configured for the Image Optimizer. The image optimization endpoint (`/_next/image`) loads external images entirely into memory without enforcing a maximum size limit, allowing an attacker to cause out-of-memory conditions by requesting optimization of arbitrarily large images. This vulnerability requires that `remotePatterns` is configured to allow image optimization from external domains and that the attacker can serve or control a large image on an allowed domain.

Strongly consider upgrading to 15.5.10 and 16.1.5 to reduce risk and prevent availability issues in Next applications.

5802c59742bd3fc922a7c738cdfa5150c2a847b9a52989cdcd5d5b356ff49eda

12efb40de95c3f605544536d8e3f0bdb6cbb6347aa536b637f87df86371e031a

df04e1d0c902094fd6c802962b245dd3adab14d144aa840cb87bbbd8bc0821e2

cace38aa4fc773b29e8baec74fe80eef55f9d5a09270c17fdeb01870899e42f4

0973c1d64c88adc8e3c950410cb58b288f72118d5965b78049438deb8f2f9683

64102801531d4c3c723e518c013accd357dadba2f1f0fb891c53f8007a0efdb2

65ed0a8bad1bdc5943c8a917289483eed77ff20803b7c9c6fe67b92e3834b332

description

HandheldFriendly

width=device-width, height=device-height, initial-scale=1.0, minimum-scale=1.0

viewport

next-head-count

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

html/36/2a/362ad771-8937-41b9-a70e-3f1db7cc26cb_nodriver.html.gz

ERROR: The request could not be satisfied

CSC Corporate Domains, Inc.

OPENLANE.COM

Amazon EC2 Abuse

IP Management

Amazon AWS Network Operations

Amazon.com, Inc.

AWS RPKI Management POC

IP Routing

Amazon EC2 Network Operations

AMAZON-CF

OPENLANE US

window.ENV = {"BASE_URL":"https://app.openlane.com","BUGSNAG_BROWSER_API_KEY":"b3368a1052f895473f4054ee0e526c7f","BUGSNAG_ENABLED":"true","GTM_ID":"GTM-57XKDSR","IMAGE_BASE_URL":"","INTERCOM_APP_ID":"nx20hs3r","MARKETING_SMS":"true","NEXT_PUBLIC_NO_AXIOS_TIMEOUT":"false","OKTA_CLIENT_ID":"0oa46yl2gcGKD9pRs0i7","OKTA_ISSUER":"https://okta.iam.karglobal.com/oauth2/default","PUSHER_APP_KEY":"1938ee07913ada49134e","PUSHER_ENABLED":"true","RECAPTCHA_ENABLED":"true","RECAPTCHA_V2_SITE_KEY":"6LeKDO0ZAAAAALaJOH93z2I7Y2X0z6ZUxL19wBDa","RECAPTCHA_V3_SITE_KEY":"6LdGoSIrAAAAAP5ZHIAA-y-HDe9LtrNvt74JTlbE","RELATIVE_BASE_URL":"","RELEASE_STAGE":"production","RESTURL_BASE":"https://app.openlane.com","SEGMENT_WRITE_KEY":"Fcev6YoHcPQTNW1rAquxqnPLjLU4lrqW","SOCKET_IO_URL":"","STOCKWAVE_SCRIPT_URL":"https://stockwave.partners.vauto.com/openlane/1/integration.js","VERSION":"v7.413.2","GOOGLE_PLACES_API_KEY":"AIzaSyBq--1TSTA2xu9NJ5K6UQSMLkvLggHP8rs","PAYSTAND_SCRIPT_URL":"https://checkout.paystand.com/v4/js/paystand.checkout.js","PAYSTAND_PUBLISHABLE_KEY":"6qbpmbfyfo7ok2eeggvd5qi1","PAYSTAND_EXTERNAL_CUSTOMER_ID":"2258170","PAYSTAND_SUBSIDIARY_ID":"13","NEXT_PUBLIC_ORTTO_TRACKING_ID":"Y5bM1Hkq4ZAgyqG-YmFja2xvdGNhcnMy","HELLO_SIGN_CLIENT_ID":"82f3a096e40245457c352504375e7dde","MARKET_GUIDE_PRICING_FORECAST_API":"https://prod-marketguide-service.prd.kar-services.io"};


(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
	new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
	j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
	'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
	})(window,document,'script','dataLayer','GTM-57XKDSR');


Requests	IP Address	Location	AS Autonomous System
45	18.245.31.119	United States	AS16509Amazon.com, Inc.
45	1	-	-

Security Scan Report: app.openlane.com

Summary

AI Security Verdict

Low Risk

Safety Factors

Details

Website Access Blocked

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies10

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History