www.betterhelp.com
Open in
urlscan Pro
54.196.94.127
Public Scan
Effective URL: https://www.betterhelp.com/login/?encemail=BH64-NRyFKbtWs2m%2FVUCMEPrkazRTM3Y0RURVNXpiVXRRdmxUZnRtazJTek1nTDlaTE5KcHdzN1JnS...
Submission: On January 26 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Amazon on June 14th 2022. Valid for: a year.
This is the only time www.betterhelp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 14 | 54.196.94.127 54.196.94.127 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 143.204.89.79 143.204.89.79 | 16509 (AMAZON-02) (AMAZON-02) | |
1 3 | 52.204.149.219 52.204.149.219 | 14618 (AMAZON-AES) (AMAZON-AES) | |
23 | 143.204.215.5 143.204.215.5 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:400d:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700:440... 2606:4700:4400::ac40:94cb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2a00:1450:400... 2a00:1450:400d:80d::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 13.32.110.98 13.32.110.98 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 65.9.66.49 65.9.66.49 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:400d:80a::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:400d:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
4 | 54.205.199.201 54.205.199.201 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 3.223.102.10 3.223.102.10 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 158.69.52.117 158.69.52.117 | 16276 (OVH) (OVH) | |
69 | 14 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-94-127.compute-1.amazonaws.com
betterhelp.com | |
www.betterhelp.com | |
www.pridecounseling.com | |
www.mytherapist.com | |
www.regain.us |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-79.fra50.r.cloudfront.net
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-149-219.compute-1.amazonaws.com
www.betterhelp.com | |
www.teencounseling.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-5.fra53.r.cloudfront.net
static.betterhelp.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-98.vie50.r.cloudfront.net
dy7glz37jgl0b.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-49.fra56.r.cloudfront.net
d3ez4in977nymc.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-199-201.compute-1.amazonaws.com
events.betterhelp.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-102-10.compute-1.amazonaws.com
www.faithfulcounseling.com | |
www.betterhelporg.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
38 |
betterhelp.com
5 redirects
betterhelp.com — Cisco Umbrella Rank: 60733 www.betterhelp.com — Cisco Umbrella Rank: 72524 static.betterhelp.com — Cisco Umbrella Rank: 99406 z.betterhelp.com — Cisco Umbrella Rank: 123592 events.betterhelp.com — Cisco Umbrella Rank: 85281 |
296 KB |
10 |
cloudfront.net
dy7glz37jgl0b.cloudfront.net d3ez4in977nymc.cloudfront.net |
290 KB |
5 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
424 KB |
4 |
recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2176 |
43 KB |
3 |
awswaf.com
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 969822 |
264 KB |
2 |
regain.us
www.regain.us — Cisco Umbrella Rank: 131745 |
1 KB |
2 |
betterhelporg.com
www.betterhelporg.com — Cisco Umbrella Rank: 143924 |
1 KB |
2 |
teencounseling.com
www.teencounseling.com — Cisco Umbrella Rank: 141113 |
1 KB |
2 |
mytherapist.com
www.mytherapist.com — Cisco Umbrella Rank: 143307 |
1 KB |
2 |
faithfulcounseling.com
www.faithfulcounseling.com — Cisco Umbrella Rank: 142244 |
1 KB |
2 |
pridecounseling.com
www.pridecounseling.com — Cisco Umbrella Rank: 142529 |
1 KB |
1 |
trackjs.com
usage.trackjs.com — Cisco Umbrella Rank: 2662 |
229 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34 |
1 KB |
69 | 13 |
Domain | Requested by | |
---|---|---|
23 | static.betterhelp.com |
www.betterhelp.com
static.betterhelp.com |
7 | d3ez4in977nymc.cloudfront.net |
www.betterhelp.com
|
6 | www.betterhelp.com |
3 redirects
betterhelp.com
static.betterhelp.com |
4 | events.betterhelp.com |
static.betterhelp.com
|
4 | www.recaptcha.net |
www.betterhelp.com
www.gstatic.com www.recaptcha.net |
3 | www.gstatic.com |
www.recaptcha.net
|
3 | dy7glz37jgl0b.cloudfront.net |
www.betterhelp.com
static.betterhelp.com |
3 | 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com |
betterhelp.com
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com |
3 | betterhelp.com | 2 redirects |
2 | www.regain.us |
static.betterhelp.com
|
2 | www.betterhelporg.com |
static.betterhelp.com
|
2 | www.teencounseling.com |
static.betterhelp.com
|
2 | www.mytherapist.com |
static.betterhelp.com
|
2 | www.faithfulcounseling.com |
static.betterhelp.com
|
2 | www.pridecounseling.com |
static.betterhelp.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | z.betterhelp.com |
www.betterhelp.com
z.betterhelp.com |
1 | usage.trackjs.com | |
1 | fonts.googleapis.com |
www.betterhelp.com
|
69 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.betterhelporg.com |
www.ssllabs.com |
www.facebook.com |
www.linkedin.com |
www.pinterest.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.9021bf3a.us-east-1.token.awswaf.com Amazon |
2022-07-05 - 2023-08-03 |
a year | crt.sh |
betterhelp.com Amazon |
2022-06-14 - 2023-07-12 |
a year | crt.sh |
static.betterhelp.com Amazon |
2023-01-13 - 2024-02-11 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-09-26 - 2023-09-26 |
a year | crt.sh |
misc.google.com GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-02 - 2023-03-27 |
3 months | crt.sh |
events.betterhelp.com Amazon |
2022-06-15 - 2023-07-14 |
a year | crt.sh |
betterhelporg.com Amazon |
2022-09-26 - 2023-10-25 |
a year | crt.sh |
*.trackjs.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-07-28 - 2023-08-11 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.betterhelp.com/login/?encemail=BH64-NRyFKbtWs2m%2FVUCMEPrkazRTM3Y0RURVNXpiVXRRdmxUZnRtazJTek1nTDlaTE5KcHdzN1JnSWl0R2M9&utm_source=sms-trig&utm_campaign=rem&utm_term=reminder_30m
Frame ID: 57230EF76DFCD1989ABF265BFABB20BE
Requests: 61 HTTP requests in this frame
Frame:
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LetGMcUAAAAANFcpJR1wJz3D5h_aNFFiQou4cMm&co=aHR0cHM6Ly93d3cuYmV0dGVyaGVscC5jb206NDQz&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=gz020uerlw8o
Frame ID: 199D9D068E5D6F5B3DA465721874263A
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
- http://betterhelp.com/s/009yz4a8 Page URL
-
http://betterhelp.com/s/009yz4a8
HTTP 301
https://betterhelp.com/s/009yz4a8 HTTP 301
http://www.betterhelp.com/s/009yz4a8 HTTP 301
https://www.betterhelp.com/s/009yz4a8 HTTP 301
https://www.betterhelp.com/s/009yz4a8/ HTTP 302
https://www.betterhelp.com/login/?encemail=BH64-NRyFKbtWs2m%2FVUCMEPrkazRTM3Y0RURVNXpiVXRRdmxUZnRtazJTe... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Slick (JavaScript Libraries) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas) Expand
Detected patterns
- /recaptcha/api\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Business
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://betterhelp.com/s/009yz4a8 Page URL
-
http://betterhelp.com/s/009yz4a8
HTTP 301
https://betterhelp.com/s/009yz4a8 HTTP 301
http://www.betterhelp.com/s/009yz4a8 HTTP 301
https://www.betterhelp.com/s/009yz4a8 HTTP 301
https://www.betterhelp.com/s/009yz4a8/ HTTP 302
https://www.betterhelp.com/login/?encemail=BH64-NRyFKbtWs2m%2FVUCMEPrkazRTM3Y0RURVNXpiVXRRdmxUZnRtazJTek1nTDlaTE5KcHdzN1JnSWl0R2M9&utm_source=sms-trig&utm_campaign=rem&utm_term=reminder_30m Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
69 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
009yz4a8
betterhelp.com/s/ |
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
challenge.js
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/ |
1 MB 263 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
verify
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/ |
256 B 616 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
verify
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.betterhelp.com/login/ Redirect Chain
|
56 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mobile.min.css
static.betterhelp.com/css/contrib/jquerymobile/1.4.5/ |
203 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.25c43da3f41a.css
static.betterhelp.com/css/contrib/font-awesome/css/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome-animation.min.css
static.betterhelp.com/css/contrib/font-awesome-animation/0.0.7/css/ |
17 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.min.css
static.betterhelp.com/css/contrib/select2/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bh_style.min.25c43da3f41a.css
static.betterhelp.com/css/betterhelp_two/ |
577 KB 86 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick_new.css
static.betterhelp.com/css/slider/ |
1 KB 933 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick-theme.css
static.betterhelp.com/css/slider/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i.js
z.betterhelp.com/cdn-cgi/zaraz/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.recaptcha.net/recaptcha/ |
887 B 1001 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
dy7glz37jgl0b.cloudfront.net/betterhelp_two/bh-logos/ |
18 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-color-md.png
dy7glz37jgl0b.cloudfront.net/brand/betterhelp/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ee63d24bc3d15512c51ef7bf67ebd76f.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
efab72cfc1c27e21893c52338233f8d3.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb8a83911c1cf72a0d0d35e9c939d1e5.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b98d0d05af9940a4d92d5ac71991041a.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
84a58971561b50f85c14d62f31406669.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
581405a63a7498cc70fb4889d15c390c.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4b7b62c4e11c44c3c522d094e52bc073.jpg
d3ez4in977nymc.cloudfront.net/avatars/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t.js
static.betterhelp.com/js/contrib/trackjs/v3/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lozad.min.js
static.betterhelp.com/js/contrib/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
static.betterhelp.com/js/contrib/jquery/2.2.2/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.full.min.js
static.betterhelp.com/js/contrib/select2/ |
77 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
static.betterhelp.com/js/contrib/bootstrap/3.3.6/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
everywhere.min.25c43da3f41a.js
static.betterhelp.com/js/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.min.25c43da3f41a.js
static.betterhelp.com/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jstz.min.js
static.betterhelp.com/js/contrib/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loggedout.min.25c43da3f41a.js
static.betterhelp.com/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
static.betterhelp.com/js/contrib/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tippy-bundle.umd.min.js
static.betterhelp.com/js/contrib/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick_new.min.js
static.betterhelp.com/js/contrib/slider/ |
42 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bhrecaptchavthree.min.25c43da3f41a.js
static.betterhelp.com/js/ |
624 B 785 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
H9R1GshL.js
static.betterhelp.com/js/contrib/sp/ |
69 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ |
404 KB 163 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v12/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
tp2
events.betterhelp.com/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
q021-impossible.jpg
dy7glz37jgl0b.cloudfront.net/login/ |
159 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
events.betterhelp.com/com.snowplowanalytics.snowplow/ |
2 B 342 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.pridecounseling.com/api/multi_cookie/ |
20 B 699 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.faithfulcounseling.com/api/multi_cookie/ |
20 B 698 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.mytherapist.com/api/multi_cookie/ |
20 B 698 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.teencounseling.com/api/multi_cookie/ |
20 B 698 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.betterhelp.com/api/multi_cookie/ |
46 B 385 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.betterhelporg.com/api/multi_cookie/ |
20 B 623 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.regain.us/api/multi_cookie/ |
20 B 698 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.pridecounseling.com/api/multi_cookie/ |
20 B 783 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.faithfulcounseling.com/api/multi_cookie/ |
20 B 785 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.mytherapist.com/api/multi_cookie/ |
20 B 779 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.teencounseling.com/api/multi_cookie/ |
20 B 782 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.betterhelp.com/api/multi_cookie/ |
46 B 385 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.betterhelporg.com/api/multi_cookie/ |
20 B 705 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.regain.us/api/multi_cookie/ |
20 B 776 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slick.woff
static.betterhelp.com/css/slider/fonts/ |
1 KB 2 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax-loader.gif
static.betterhelp.com/css/slider/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.js
z.betterhelp.com/cdn-cgi/zaraz/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.recaptcha.net/recaptcha/api2/ Frame 199D |
42 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame 199D |
52 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame 199D |
404 KB 162 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 199D |
102 B 134 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usage.gif
usage.trackjs.com/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
reload
www.recaptcha.net/recaptcha/api2/ Frame 199D |
33 KB 19 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
events.betterhelp.com/com.snowplowanalytics.snowplow/ |
2 B 341 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
tp2
events.betterhelp.com/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontentvisibilityautostatechange function| get_cookie function| set_cookie object| page_info object| zarazData object| zaraz string| user_type object| snowplow_global object| GlobalSnowplowNamespace function| snowplow object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| remove_url_parameter string| clean_url object| trackJs object| TrackJS function| lozad function| $ function| jQuery undefined| main_html_element undefined| lang_observer undefined| consent_observer boolean| showPopup string| PLACEHOLDER string| NOTESPLACEHOLDER function| startBhLoadingAnimation function| stopBhLoadingAnimation function| startBhLoadingAnimationNonBlocking function| stopBhLoadingAnimationNonBlocking function| isInt function| escape_html function| setMessageHeight function| getUrlParameter function| isNotPlaceholder function| reset_form_buttons function| seconds_to_hms function| sleep function| show_cookie_settings_modal function| accept_all_cookies function| save_cookie_settings function| hide_spinner function| show_modal_tracking function| show_modal function| get_formatted_time2 function| getDateFragments function| is_dates_on_same_day function| is_email function| zeropad function| capitalize_first_letter function| assets_app_version function| clone_template function| get_is_visible function| mobile_notification function| scroll_to_animation function| try_to_autoplay_sound function| setup_tooltip_with_text function| setup_tippy_tooltip_with_text function| listen_to_billing_history_click_on_iOS function| get_scrollbar_width function| allocate_to_pre_signup_experiment function| setIosDeviceToken function| update_client_push_notifications_enabled object| socket function| reconnectSocket object| jstz function| visibleHeader object| Popper function| tippy function| recaptcha_v3_callback function| recaptcha_v3_execute function| addFormNonces function| addFormNonce object| recaptcha object| closure_lm_428694 function| defer function| deferscript object| dataLayer26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.recaptcha.net/recaptcha | Name: _GRECAPTCHA Value: 09AOOcfwtgn4x0m3iqAu2_1iUEO-1NMPpvrxvhBrlgPrOhER6i-FuxXBzKKx5TBIWHJ0ZuLXeptkOEjbZj6r0D2YY |
|
.betterhelp.com/ | Name: aws-waf-token Value: 7513d504-8a2e-4276-ba71-49d89b8d0c79:EQoAgF2bw9IIAAAA:jB4WODywfiqoK0YVbghCuhy95bJ35NaHA3iEm1ZzkV/MRFfN1QbQpG1lRM/2/3m+bStPYadkMTOWwxk1KZW1GPzgQ2VK29/5BX+yc3bkOHFGxRlFx1Sr1XankYO2pcVvBtIFX2mAu47Ml65Y+Z4z3qNhIuyPaUlnsROjlF3Srxpp2eEh |
|
www.betterhelp.com/ | Name: nte Value: 1 |
|
www.betterhelp.com/ | Name: msct_smoke Value: TEST |
|
www.betterhelp.com/ | Name: clicked_text_link Value: 1 |
|
www.betterhelp.com/ | Name: BHTOK Value: 9056d6624869cabfed3fe9cbb34deb8f128d70199dfe3e7377040572afd6b0d4024893cd09fe3f3513489749bfbc5aaf460d87b6ac63e6fcfc343afaea1e3560 |
|
www.betterhelp.com/ | Name: PHPSESSID Value: r9b1s9aii5p6fldvab8vkcedvb |
|
www.betterhelp.com/ | Name: excluded_always_show Value: 0 |
|
www.betterhelp.com/ | Name: bh_multi_click Value: %5B%7B%22landing_page%22%3A%22login%22%2C%22entry_page%22%3A%22s%5C%2F009yz4a8%22%2C%22referer%22%3A%22http%3A%5C%2F%5C%2Fbetterhelp.com%5C%2F%22%2C%22clicked_at%22%3A1674771430%2C%22created_ua%22%3A%22Mozilla%5C%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%5C%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%5C%2F109.0.5414.119%20Safari%5C%2F537.36%22%2C%22site_id%22%3A2%2C%22utm_source%22%3A%22sms-trig%22%2C%22utm_campaign%22%3A%22rem%22%2C%22utm_term%22%3A%22reminder_30m%22%2C%22click_num%22%3A1%7D%5D |
|
www.betterhelp.com/ | Name: bh_click_num Value: 2 |
|
.betterhelp.com/ | Name: _sp_ses.7092 Value: * |
|
www.betterhelp.com/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
.regain.us/ | Name: _sp_id.8576 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771431.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
|
.faithfulcounseling.com/ | Name: _sp_id.2392 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771431.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
|
www.faithfulcounseling.com/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
www.regain.us/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
.mytherapist.com/ | Name: _sp_id.57d2 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771431.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
|
www.mytherapist.com/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
.pridecounseling.com/ | Name: _sp_id.ad23 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771431.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
|
www.pridecounseling.com/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
.teencounseling.com/ | Name: _sp_id.ba86 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771431.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
|
www.teencounseling.com/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
www.betterhelporg.com/ | Name: bh_mc_id Value: 63d2fbe6997a87.29651272 |
|
.betterhelporg.com/ | Name: _sp_id.9283 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771431.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
|
events.betterhelp.com/ | Name: collector_cookie Value: 7dddc5c1-055f-4b72-bc19-f458361f7c8f |
|
.betterhelp.com/ | Name: _sp_id.7092 Value: fd2e161d-0f89-43c0-9b5a-cee57c371b70.1674771430.2.1674771432.1674771430.3d2e6a5c-5e79-4b73-b980-6685195b0595 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
27828fc62a50.9021bf3a.us-east-1.token.awswaf.com
betterhelp.com
d3ez4in977nymc.cloudfront.net
dy7glz37jgl0b.cloudfront.net
events.betterhelp.com
fonts.googleapis.com
fonts.gstatic.com
static.betterhelp.com
usage.trackjs.com
www.betterhelp.com
www.betterhelporg.com
www.faithfulcounseling.com
www.gstatic.com
www.mytherapist.com
www.pridecounseling.com
www.recaptcha.net
www.regain.us
www.teencounseling.com
z.betterhelp.com
13.32.110.98
143.204.215.5
143.204.89.79
158.69.52.117
2606:4700:4400::ac40:94cb
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2003
2a00:1450:400d:80e::200a
3.223.102.10
52.204.149.219
54.196.94.127
54.205.199.201
65.9.66.49
047309bb8a4a28b2602d162e0673609de49595f770695da41d21b8e9e66728ff
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
0a44340c5a11f012181b8f7bfa452701021a447567f08039cfde0d1bfab8a5fc
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e8dc16e05993b61e9aa3fcd3cc55e510f32717e7f4a3755b4d94202c7f4f645
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
11761ca1ac3500ed7b5339efe22f78bb9412fceb7d8d1494cda60f11dde56cbe
132485bf04dfefdef8227c7a2deab9a87f02323c192ba0fc00b1cc95e524ab70
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
16783245ea796a6f4392831a90503b5e45b8cb0d74607cad0df96fc02327836f
1ae67606e11157c5c27a4406956bdaddf11f99e28343e5fed2a9469f3c649383
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275df1d93a872d5eb6d566482120f9cbad97c4c830788fa8bd806c869b6270a8
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
339f9dc330eeca0f8f39ec6f4b6135e5702ac0c0758637db09975eedeb67a74d
35dcde0856dc3576427c90194a3dab11a30e3f628a4eb183fa7d85e77f55b672
3d8428a9134be6afe9b62d2602cb4146c70cc1966720a84135b0f2e3244da23a
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
5465dcf6e80b01ccff93ca722ccaa14399aaab9c660b7822c217ab9cf78ccdd3
5b72200d24db8dbc9ff978e080d7728c2260e06a5aad7cfe10775c6999a2b016
5c504ef5683cb5313bc9183e650cc823e243cac84a6b7da61a0848b0ff998024
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
61763397729e4bc2b24dcc605241548bfd74d6635b5bf64c4ec02129ee323766
666e7c9c0fdef23cd6f2abdd8bde9279ecc9a5cb16b45d15eac74801346c90a7
68045d26e1a15012375a0c2281ac5a1160337773db8f0d43938821bdfe95b982
6f12426199f5e37c8925407009a5297c005b0f99bd0d56c6fed0da4b90a7884b
77116bafd75ffbc2410c10d38409b3548c5cf3fbcdd8bb9376433f7b6a0c0f62
7e31b03d2904620e2cb7e271d7a971f1faaa44a988b8f695b3667546f1de22f8
81d9fe5341c85b979a798085fb5911f14f2df6f4c077d650da6165e6140488db
827aea8f6121f57cb1abd17b50fd006298113da3b7c1ee0d5342ef87d57d4575
8d509932fbcdea79358ea828849017217fecb422e89d2678e098e7affea1d315
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
a913ed9fac3c2e48ce17c0bd3b67997c6b6c0217a736d31aa091cb0121c47d29
ba9f0ceee5530bb23aca1f3b26f47b677dd5f607e3e5d1fa025f8e3509ee21c6
bde718bbe26419b2789ee42b6816077570326691d41b5d8488df906931dc840a
c1680ae2d399e96c1509163bc029f69acb05023ea031e4e54fa5cdd75a030736
c59d37e64df415ea4cf391b3b8d0adb7c139ea5941108e874360e752dd2026d3
cb1b8a5ed9a65c7c3547353e061f80f408edcdb0b1a4fd910d5fcb8fe068cc84
ce35f9ce8a3dbb7cda0f180785359fd98f76e319ca8b1e0a07b22c628cebce1e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d48d44c8a9cf641c09bd7c17a41300790685499b7d2816ae44a3fad8b4c46066
d8c1a1bcdf859b3cfead3f6aafab9af10644be1ed3139f24388a07ed5d1eb6b4
db7281febcefd83fbb84f332bcaf094b1b7ee68f46de6394082870538f84f9b0
de747ad32c236e23e6f8c9fd2e286f4c30198b9f365cf580d8cef446b9dc0330
df6bf89bd3ad3f685a901660d2fba296f12943fa7cca136213162e8ac406bc80
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
f4853d8d87e13ae5f7d0c5ca807600efc66ec2b69f917dcec33216bb5f71cecf
f7ea25debda6b3f5255b77cea4ae6391c86737f0dcf55804c5f11e2123cd567d