urlscan.io logo urlscan.io
SecurityTrails logo

brightcarehomeandsupport-trial.thelookoutapp.com Open in urlscan Pro
3.106.96.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://brightcarehomeandsupport-trial.thelookoutapp.com/
Effective URL: https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new
Submission: On January 06 via automatic, source certstream-suspicious — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 3.106.96.148, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is brightcarehomeandsupport-trial.thelookoutapp.com.
TLS certificate: Issued by R3 on January 6th 2023. Valid for: 3 months.
This is the only time brightcarehomeandsupport-trial.thelookoutapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 3.106.96.148 16509 (AMAZON-02)
5 13.33.100.164 16509 (AMAZON-02)
1 23.193.108.39 16625 (AKAMAI-AS)
7 3
Apex Domain
Subdomains		 Transfer
5 cloudfront.net
dpdytnq7j82jq.cloudfront.net
141 KB
2 thelookoutapp.com
brightcarehomeandsupport-trial.thelookoutapp.com
3 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 3420
15 KB
7 3
Domain Requested by
5 dpdytnq7j82jq.cloudfront.net dpdytnq7j82jq.cloudfront.net
2 brightcarehomeandsupport-trial.thelookoutapp.com 1 redirects
1 res.cloudinary.com brightcarehomeandsupport-trial.thelookoutapp.com
7 3

This site contains no links.

Subject Issuer Validity Valid
brightcarehomeandsupport-trial.thelookoutapp.com
R3		 2023-01-06 -
2023-04-06		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2022-12-05 -
2023-12-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new
Frame ID: D7E9B73371556441F6FF7E80FE49AC47
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hi there, please log in.

Page URL History Show full URLs

  1. https://brightcarehomeandsupport-trial.thelookoutapp.com/ HTTP 302
    https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new Page URL

Detected technologies

Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

158 kB
Transfer

264 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brightcarehomeandsupport-trial.thelookoutapp.com/ HTTP 302
    https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request new
brightcarehomeandsupport-trial.thelookoutapp.com/session/
Redirect Chain
  • https://brightcarehomeandsupport-trial.thelookoutapp.com/
  • https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.106.96.148 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-106-96-148.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
1c416147149081c5f35e321d876a0671aa25449898ae71cd09baa90250506b16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Length
1186
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Jan 2023 02:10:55 GMT
Etag
W/"1c416147149081c5f35e321d876a0671"
Link
<https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css>; rel=preload; as=style; nopush,<https://dpdytnq7j82jq.cloudfront.net/assets/public-b58561c811fbb0ec991ad41164a82e807426d77d.js>; rel=preload; as=script; crossorigin=anonymous; nopush
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (e13668ca8eb7)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
d6615df8-bcbb-b0d6-b869-1ed95516c021
X-Runtime
0.039959
X-Xss-Protection
0

Redirect headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Length
133
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Jan 2023 02:10:55 GMT
Location
https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (e13668ca8eb7)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
d77d9bc9-9f22-5f76-a3cb-f472aa5d47ae
X-Runtime
0.070559
X-Xss-Protection
0
public-45555ca0225056b4317295a3c69294863b55e53b.css
dpdytnq7j82jq.cloudfront.net/assets/ 		85 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6adeb2df1a2f2b86a5c64ccf3afed51ed825b6a470403992667132d8bca7b44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://brightcarehomeandsupport-trial.thelookoutapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 07:53:59 GMT
content-encoding
br
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P2
age
65817
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 05 Jan 2023 03:40:58 GMT
server
AmazonS3
etag
W/"4f377e0dc7c0dae11ea558944315e137"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
vKk0F7heV0gaXTO7NaFBWs2kHGADzZj7BFNc7ULM5Goa2cAJF86Q6A==
public-b58561c811fbb0ec991ad41164a82e807426d77d.js
dpdytnq7j82jq.cloudfront.net/assets/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpdytnq7j82jq.cloudfront.net/assets/public-b58561c811fbb0ec991ad41164a82e807426d77d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
046836303e6258f171311381953e3befcf98e2fb8963bc0ad8c5aa2610433d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://brightcarehomeandsupport-trial.thelookoutapp.com/
Origin
https://brightcarehomeandsupport-trial.thelookoutapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:49:11 GMT
content-encoding
br
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P2
age
2690505
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Nov 2022 01:47:32 GMT
server
AmazonS3
etag
W/"45ee02f29366d6f7bf9a7dabe18eb8d7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
x-frame-options
SAMEORIGIN
x-amz-cf-id
pbC5tmQZfNFK9nLmhXb6xcrkiKZjS_mgsZ-PmsYXy4-kGOmOGqd49g==
light_text_logo.png
res.cloudinary.com/fivegoodfriends-production/image/upload/v1/static/pilot/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/fivegoodfriends-production/image/upload/v1/static/pilot/light_text_logo.png
Requested by
Host: brightcarehomeandsupport-trial.thelookoutapp.com
URL: https://brightcarehomeandsupport-trial.thelookoutapp.com/session/new
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.108.39 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-108-39.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
cbac9b61dc39f9c92d9eeba71cc880fbd57749cbbb530a107290d1ff11f60a7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://brightcarehomeandsupport-trial.thelookoutapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 02:10:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 28 Nov 2022 00:05:58 GMT
server
Cloudinary
etag
"7902a2054180f819283a40a3534dba09"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
akam;dur=305;cpu=62;start=2023-01-06T02:10:57.627Z;desc=miss,rtt;dur=451,cloudinary;dur=18;start=2023-01-06T02:10:57.795Z
accept-ranges
bytes
timing-allow-origin
*
content-length
14699
GT-Walsheim-Medium-2c5f98f2e3b0298c84120f159868c000fd10e007.woff2
dpdytnq7j82jq.cloudfront.net/assets/src/fonts/gt_walsheim/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dpdytnq7j82jq.cloudfront.net/assets/src/fonts/gt_walsheim/GT-Walsheim-Medium-2c5f98f2e3b0298c84120f159868c000fd10e007.woff2
Requested by
Host: dpdytnq7j82jq.cloudfront.net
URL: https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20585f48cff09d67b0566cae9babbf9ee7623080ec80cccd4fda21609b7614a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Origin
https://brightcarehomeandsupport-trial.thelookoutapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 01:31:14 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P2
age
1730383
x-cache
Hit from cloudfront
content-length
38416
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 09 May 2022 00:16:43 GMT
server
AmazonS3
etag
"47907ae6c790a4b2ba058cf93876a603"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-cf-id
-dXbLETMLVdfFavOlhpLZ7yJh7ojggQIgEj_cR998wAv9sPz2kpfVQ==
Canela-Bold-Web-73888e1868ee1b378a1410295f91fb5a6dfb3eaf.woff2
dpdytnq7j82jq.cloudfront.net/assets/src/fonts/canela/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dpdytnq7j82jq.cloudfront.net/assets/src/fonts/canela/Canela-Bold-Web-73888e1868ee1b378a1410295f91fb5a6dfb3eaf.woff2
Requested by
Host: dpdytnq7j82jq.cloudfront.net
URL: https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575eb15e56959545659be4383d59d6513d5566b753a829ac323c032e716411c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Origin
https://brightcarehomeandsupport-trial.thelookoutapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:49:12 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P2
age
2690505
x-cache
Hit from cloudfront
content-length
34669
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 09 May 2022 00:16:43 GMT
server
AmazonS3
etag
"fb2bf3c1fcc5f7285f5893916e8d4da6"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-cf-id
5S5Vltc6nxUpmakysksrqE3e7T3OYqlZe0-BTX-nYlk7Ral1MfoyWA==
GT-Walsheim-Regular-82dbdb1fc42eb028f3df4a2f4d21dda70978a9be.woff2
dpdytnq7j82jq.cloudfront.net/assets/src/fonts/gt_walsheim/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dpdytnq7j82jq.cloudfront.net/assets/src/fonts/gt_walsheim/GT-Walsheim-Regular-82dbdb1fc42eb028f3df4a2f4d21dda70978a9be.woff2
Requested by
Host: dpdytnq7j82jq.cloudfront.net
URL: https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fa79894e84c9fc7f6c77bd207077f3ac958a7c15deab64cbc0d3c6e826d156f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dpdytnq7j82jq.cloudfront.net/assets/public-45555ca0225056b4317295a3c69294863b55e53b.css
Origin
https://brightcarehomeandsupport-trial.thelookoutapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 01:31:14 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P2
age
1730383
x-cache
Hit from cloudfront
content-length
40048
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 09 May 2022 00:16:43 GMT
server
AmazonS3
etag
"756b07831576755f9801631dc18c5478"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-cf-id
6GdQZ8Nk-NEO4dD3Z9tssfm2gy-_B8NTxen_C-T3m3Ay_XRGK9qn4Q==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| Turbolinks boolean| _rails_loaded

1 Cookies

Domain/Path Name / Value
brightcarehomeandsupport-trial.thelookoutapp.com/ Name: _fgf_session
Value: VaE0%2FaG2uBQkJ648eVQ8TD71ceazDcubr1u1VQ2OwZIg1oTkSqmx50zlpP4WVyCtg6MH7kBxjpbcB5kPM7%2BzZgtibk69Hmve5%2BMOtiO4jwKIYL8kWOYRZBunfn6Xw3Kr2eXiZa38ItFqZqieKyOIedREQq1XSalxDARnJgX6siF1n%2BktoYHjpMwN6eBG0ZCZCZgR8Um7TKgvnPgdTjFxfwleSlOI7oHkR8glPh3mX011ctVL14EFN9GADsyt6%2BmDEhU2KSwfZToQUVY4phB0ZYdGj2c%3D--jLNHmIrszvlJi%2B8t--wxsFOE%2FwPugm7W4UJ3fwuQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0