urlscan.io logo urlscan.io
SecurityTrails logo

api.getlook.pro Open in urlscan Pro
54.167.189.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://plantinapp.zendesk.com/
Effective URL: https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zendesk.com&timestamp=170...
Submission: On January 31 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 54.167.189.23, located in United States and belongs to AMAZON-AES, US. The main domain is api.getlook.pro.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 7th 2023. Valid for: a year.
This is the only time api.getlook.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.16.51.111 13335 (CLOUDFLAR...)
1 54.167.189.23 14618 (AMAZON-AES)
1 1
Apex Domain
Subdomains		 Transfer
2 zendesk.com
plantinapp.zendesk.com
2 KB
1 getlook.pro
api.getlook.pro
201 B
1 2
Domain Requested by
2 plantinapp.zendesk.com 2 redirects
1 api.getlook.pro
1 2

This site contains no links.

Subject Issuer Validity Valid
getlook.pro
Amazon RSA 2048 M01		 2023-03-07 -
2024-04-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zendesk.com&timestamp=1706677440
Frame ID: C9820BDE19A0DFDEE870460F3CF7062C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://plantinapp.zendesk.com/ HTTP 301
    https://plantinapp.zendesk.com/access HTTP 302
    https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zende... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://plantinapp.zendesk.com/ HTTP 301
    https://plantinapp.zendesk.com/access HTTP 302
    https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zendesk.com&timestamp=1706677440 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
api.getlook.pro/
Redirect Chain
  • https://plantinapp.zendesk.com/
  • https://plantinapp.zendesk.com/access
  • https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zendesk.com&timestamp=1706677440
2 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zendesk.com&timestamp=1706677440
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.189.23 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-189-23.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
content-length
2
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 05:04:01 GMT
etag
W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
server-timing
intid;desc=0b0291ed3b770e10
vary
Origin
x-powered-by
Express

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84df695479668fd4-FRA
content-length
205
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 05:04:00 GMT
location
https://api.getlook.pro/?brand_id=4414493179537&locale_id=1&return_to=https%3A%2F%2Fplantinapp.zendesk.com&timestamp=1706677440
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HzVXlOtixJykyZE1J2nYtsHcErR%2Bv9NSbnfG7CDzs3SHrX%2FBD%2BpjAzg6jjSQIaD3H1scpUH1Hm%2BSOzfuJLOISinDu%2B7Qp0NG5jkpYfUxYgZpRf6BF0iDNIcG8IyxgTZZ0rGKVo6ix0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=259200; includeSubDomains
x-request-id
84df695479668fd4-FRA 84df695479668fd4-FRA
x-runtime
0.057871
x-zendesk-origin-server
classic-app-server-d45bc7465-kr4gs
x-zendesk-zorg
yes

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
plantinapp.zendesk.com/ Name: _zendesk_shared_session
Value: -VUxpMm1FOENTN1A4RFZDNUZMYUlkYlIzZVkzbXdxYUpuRUtORHJ3T29YazR2MWJkbGI2YkhpNHRFYUtydmNNMDZ0bVRCTUUvdVZYbkZZbk5JWXZZNVRSRzlqTTlsTmliMk5vMVNCUGU5TDJibEpvT21hT0M1enF5c1I2TUNKTGJzNkxUSGRUQmM1RnZ4ZWRMRmZJSVlBPT0tLTNYMkFTamNobGpBaXZFa1IzSXNOR0E9PQ%3D%3D--6de544666fc92d5042705ae11a63ef9c12a9c7d9
.plantinapp.zendesk.com/ Name: __cfruid
Value: 875b34e306e2f5d638d8ac870202c4192a3d6aef-1706677440
.plantinapp.zendesk.com/ Name: _cfuvid
Value: PIxKb6NBSJRYGpfon8BHoim44XFBueZgARYxlcs0KE4-1706677440712-0-604800000
plantinapp.zendesk.com/ Name: _zendesk_session
Value: zXYoI8fI5lUAqHebWQ9%2Boi5wB3HLJ%2BdnoZHSd4nZmlU6uouvxLkgSAVX1MIrtFkWVrY9sbkGaeqe7uCpDj%2FY3glTKvKK%2Fz1SVoqNzpch03kbNC7BDTscN7e5tp4m94naO4gNBQmcSFBjPHM7wFrR%2BQEkqdmm33MwhsR8J02%2Bb7TpMbgIqSx2dhNaaqBNELiMu50BDpcqnBWkWld6rYp5RUYjmr8Pq0p4nXPGNWbd%2FTH7GhffB3Yc6VYl%2B%2Fg43A04TGaKeijPeafruGBtxpXyjZnwA2z3BzVA5nbIitiRuj01rMeEcoaDk2zjVf8%2BwUVXikkxup3G9%2BM%2FpGqfCo0ctmy766BcdA6V04jI3aYI9K%2BWziLk9OHYOAvDMACm5ND3CiiPBQ%3D%3D--yW4e38OioL%2F5Vk4P--dkpdH3M48L2YVdqzF14HjQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getlook.pro
plantinapp.zendesk.com
104.16.51.111
54.167.189.23
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df