loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud
Open in
urlscan Pro
159.8.199.241
Malicious Activity!
Public Scan
Submission: On January 31 via api from JP — Scanned from NL
Summary
This is the only time loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Dotloop (Real Estate)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 159.8.199.241 159.8.199.241 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 | 18.66.248.123 18.66.248.123 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2 |
ASN36351 (SOFTLAYER, US)
PTR: s3.ams03.objectstorage.softlayer.net
loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-123.dus51.r.cloudfront.net
www.dotloop.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
dotloop.com
www.dotloop.com — Cisco Umbrella Rank: 71378 |
31 KB |
1 |
appdomain.cloud
loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud |
9 KB |
2 | 2 |
Domain | Requested by | |
---|---|---|
1 | www.dotloop.com |
loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud
|
1 | loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud | |
2 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dotloop.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
dotloop.com Amazon |
2022-09-19 - 2023-10-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud/index.html
Frame ID: F8E4731ACBDAC986AEB867FB2283EEB5
Requests: 2 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: FORGOT YOUR PASSWORD?
Search URL Search Domain Scan URL
Title: SIGN UP
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud/ |
9 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dotloop_logo.jpg
www.dotloop.com/my/static/images/external/ |
30 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Dotloop (Real Estate)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange function| validateForm0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
loop-185845341-file-8120993876489da.s3.ams03.cloud-object-storage.appdomain.cloud
www.dotloop.com
159.8.199.241
18.66.248.123
41bfdcedab5c7503f916a97ed3375db14b4b6dc706a16a8f50ef30cc2cefd78b
6439ded0d728f70caa03a4337cf025b3b53b0f2f59942b34478efca88c7b3438